浏览 29+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14010 | Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output | ansible-collections | Ansible Community General Collection | Medium | 5.5 | 2025-12-04 09:51:56 | Deep Dive |
| CVE-2025-8059 | B Blocks <= 2.0.6 - Missing Authorization to Unauthenticated Privilege Escalation via rgfr_registration Function | bplugins | bBlocks – Essential Gutenberg Blocks & Patterns Collection | Critical | 9.8 | 2025-08-12 04:25:40 | Deep Dive |
| CVE-2022-4978 | Steppschuh Remote Control Server 3.1.1.12 Unauthenticated RCE | Steppschuh | Remote Control Collection Server | 中危 | - | 2025-07-23 13:49:30 | Deep Dive |
| CVE-2025-5692 | Lead Form Data Collection to CRM <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Many Actions | smackcoders | Lead Form Data Collection to CRM | Medium | 6.3 | 2025-07-02 02:03:53 | Deep Dive |
| CVE-2025-47690 | WordPress Lead Form Data Collection to CRM plugin <= 3.1 - Arbitrary Option Update to Privilege Escalation vulnerability | Smackcoders Inc., | Lead Form Data Collection to CRM | High | 8.8 | 2025-05-23 12:43:18 | Deep Dive |
| CVE-2025-27428 | Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection) | SAP_SE | SAP NetWeaver and ABAP Platform (Service Data Collection) | High | 7.7 | 2025-04-08 07:13:27 | Deep Dive |
| CVE-2025-30810 | WordPress Lead Form Data Collection to CRM plugin <= 3.0.1 - SQL Injection vulnerability | Smackcoders Inc., | Lead Form Data Collection to CRM | High | 8.5 | 2025-03-27 10:54:59 | Deep Dive |
| CVE-2024-13674 | Cosmic Blocks (40+) Content Editor Blocks Collection <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | berginformatik | Cosmic Blocks (40+) Content Editor Blocks Collection | Medium | 6.4 | 2025-02-19 07:32:09 | Deep Dive |
| CVE-2024-13841 | Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time <= 1.0.0 - Authenticated (Contributor+) Post Disclosure | daveshine | Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time | Medium | 4.3 | 2025-02-07 06:59:58 | Deep Dive |
| CVE-2024-51864 | WordPress Shortcode Collection plugin <= 1.4 - Stored Cross Site Scripting (XSS) vulnerability | Agnel Waghela | Shortcode Collection | Medium | 6.5 | 2024-11-19 16:31:27 | Deep Dive |
| CVE-2024-51934 | WordPress Ekiline Block Collection plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | Uri Lazcano | Ekiline Block Collection | Medium | 6.5 | 2024-11-19 16:30:51 | Deep Dive |
| CVE-2024-10335 | SourceCodester Garbage Collection Management System login.php sql injection | SourceCodester | Garbage Collection Management System | High | 7.3 | 2024-10-24 16:31:05 | Deep Dive |
| CVE-2024-8288 | Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute | adreastrian | Guten Post Layout – An Advanced Post Grid Collection | Medium | 6.4 | 2024-10-01 08:30:15 | Deep Dive |
| CVE-2024-3113 | FormFlow < 2.12.2 - Admin+ Stored XSS | Unknown | FormFlow: WhatsApp Social and Advanced Form Builder with Easy Lead Collection | - | - | 2024-07-30 06:00:06 | Deep Dive |
| CVE-2024-6440 | SourceCodester Home Owners Collection Management System sql injection | SourceCodester | Home Owners Collection Management System | Medium | 6.3 | 2024-07-02 11:00:07 | Deep Dive |
| CVE-2024-6439 | SourceCodester Home Owners Collection Management System unrestricted upload | SourceCodester | Home Owners Collection Management System | Medium | 6.3 | 2024-07-02 11:00:05 | Deep Dive |
| CVE-2024-28167 | Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data) | SAP_SE | SAP Group Reporting Data Collection (Enter Package Data) | Medium | 6.5 | 2024-04-09 00:55:46 | Deep Dive |
| CVE-2024-2314 | BPF Compiler Collection 安全漏洞 | IOVisor | BPF Compiler Collection | Low | 2.8 | 2024-03-10 22:54:32 | Deep Dive |
| CVE-2023-6677 | SQLi in Oduyo Online Collection Software | Oduyo Financial Technology | Online Collection | Critical | 9.8 | 2024-02-09 13:16:45 | Deep Dive |
| CVE-2023-47529 | WordPress Cloud Templates & Patterns collection Plugin <= 1.2.2 is vulnerable to Sensitive Data Exposure | ThemeIsle | Cloud Templates & Patterns collection | Medium | 5.3 | 2023-11-23 20:25:56 | Deep Dive |