浏览 51+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27369 | WordPress Celeste theme <= 1.3.6 - PHP Object Injection vulnerability | BoldThemes | Celeste | 中危 | - | 2026-03-05 05:53:56 | Deep Dive |
| CVE-2025-68541 | WordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerability | BoldThemes | Ippsum | - | - | 2026-02-20 15:46:40 | Deep Dive |
| CVE-2025-67997 | WordPress Travelicious theme < 1.6.7 - PHP Object Injection vulnerability | BoldThemes | Travelicious | - | - | 2026-02-20 15:46:34 | Deep Dive |
| CVE-2025-67996 | WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability | BoldThemes | Nestin | - | - | 2026-02-20 15:46:33 | Deep Dive |
| CVE-2026-25451 | WordPress Bold Page Builder plugin <= 5.6.9 - Cross Site Scripting (XSS) vulnerability | boldthemes | Bold Page Builder | - | - | 2026-02-19 08:27:08 | Deep Dive |
| CVE-2025-12159 | Bold Page Builder <= 5.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | boldthemes | Bold Page Builder | Medium | 6.4 | 2026-02-07 05:52:41 | Deep Dive |
| CVE-2025-13463 | Bold Page Builder <= 5.5.3 - Authenticated (Author+) Stored DOM-based Cross-Site Scripting in Post Grid | boldthemes | Bold Page Builder | Medium | 6.4 | 2026-02-07 05:52:40 | Deep Dive |
| CVE-2025-12803 | Bold Builder <= 5.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_tabs Shortcode | boldthemes | Bold Page Builder | Medium | 6.4 | 2026-02-07 05:52:39 | Deep Dive |
| CVE-2025-15267 | Bold Page Builder <= 5.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_accordion_item Shortcode | boldthemes | Bold Page Builder | Medium | 6.4 | 2026-02-07 05:52:38 | Deep Dive |
| CVE-2025-68513 | WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | boldthemes | Bold Timeline Lite | Medium | 6.5 | 2025-12-24 12:31:22 | Deep Dive |
| CVE-2025-64233 | WordPress Codiqa theme < 1.2.8 - PHP Object Injection vulnerability | BoldThemes | Codiqa | - | - | 2025-12-18 07:22:14 | Deep Dive |
| CVE-2025-54723 | WordPress DentiCare Theme < 1.4.3 - PHP Object Injection Vulnerability | BoldThemes | DentiCare | - | - | 2025-12-18 07:21:49 | Deep Dive |
| CVE-2025-14032 | Bold Timeline Lite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode | boldthemes | Bold Timeline Lite | Medium | 6.4 | 2025-12-12 03:20:50 | Deep Dive |
| CVE-2025-66057 | WordPress Bold Page Builder plugin <= 5.5.2 - Cross Site Scripting (XSS) vulnerability | boldthemes | Bold Page Builder | Medium | 6.5 | 2025-11-21 12:29:54 | Deep Dive |
| CVE-2025-7730 | Bold Page Builder <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter | boldthemes | Bold Page Builder | Medium | 6.4 | 2025-10-23 22:25:23 | Deep Dive |
| CVE-2025-60214 | WordPress Goldenblatt theme < 1.3.0 - PHP Object Injection vulnerability | BoldThemes | Goldenblatt | - | - | 2025-10-22 14:32:44 | Deep Dive |
| CVE-2025-60216 | WordPress Addison theme < 1.4.8 - PHP Object Injection vulnerability | BoldThemes | Addison | - | - | 2025-10-22 14:32:44 | Deep Dive |
| CVE-2025-58194 | WordPress Bold Page Builder Plugin <= 5.4.3 - Cross Site Scripting (XSS) Vulnerability | boldthemes | Bold Page Builder | Medium | 6.5 | 2025-08-27 17:45:40 | Deep Dive |
| CVE-2025-54006 | WordPress Bold Page Builder plugin <= 5.4.1 - Cross Site Scripting (XSS) Vulnerability | boldthemes | Bold Page Builder | Medium | 6.5 | 2025-07-16 10:36:40 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |