浏览 42+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2917 | Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Post Duplication via 'post_id' Parameter | thehappymonster | Happy Addons for Elementor | Medium | 5.4 | 2026-03-11 07:36:25 | Deep Dive |
| CVE-2026-2918 | Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Stored Cross-Site Scripting via Template Conditions | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2026-03-11 07:36:24 | Deep Dive |
| CVE-2026-1210 | Happy Addons for Elementor <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2026-02-03 06:38:05 | Deep Dive |
| CVE-2025-68999 | WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability | HappyMonster | Happy Addons for Elementor | High | 8.5 | 2026-01-22 16:52:16 | Deep Dive |
| CVE-2025-14635 | Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2025-12-23 11:13:49 | Deep Dive |
| CVE-2025-63077 | WordPress Happy Addons for Elementor plugin <= 3.20.3 - Broken Access Control vulnerability | HappyMonster | Happy Addons for Elementor | Medium | 4.3 | 2025-12-09 14:52:37 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |
| CVE-2025-30766 | WordPress Happy Addons for Elementor plugin <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability | HappyMonster | Happy Addons for Elementor | Medium | 6.5 | 2025-03-27 10:54:36 | Deep Dive |
| CVE-2024-12852 | Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2025-01-08 06:41:38 | Deep Dive |
| CVE-2024-10538 | Happy Addons for Elementor <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-11-12 03:24:59 | Deep Dive |
| CVE-2024-48045 | WordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerability | HappyMonster | Happy Addons for Elementor | Medium | 4.3 | 2024-11-01 14:18:46 | Deep Dive |
| CVE-2024-47357 | WordPress Happy Addons for Elementor plugin <= 3.12.0 - Cross Site Scripting (XSS) vulnerability | HappyMonster | Happy Addons for Elementor | Medium | 6.5 | 2024-10-06 09:58:55 | Deep Dive |
| CVE-2024-8801 | Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure | thehappymonster | Happy Addons for Elementor | Medium | 4.3 | 2024-09-24 11:00:46 | Deep Dive |
| CVE-2024-6627 | Happy Addons for Elementor <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-07-27 11:13:38 | Deep Dive |
| CVE-2024-5790 | Happy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-06-29 07:05:39 | Deep Dive |
| CVE-2024-5041 | Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-31 09:31:41 | Deep Dive |
| CVE-2024-5347 | Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-31 09:31:39 | Deep Dive |
| CVE-2024-5088 | Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-18 11:36:00 | Deep Dive |
| CVE-2024-4865 | Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-18 03:06:58 | Deep Dive |
| CVE-2024-4391 | Happy Addons for Elementor Authenticated (Contributor+) Stored-XSS <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-16 08:32:51 | Deep Dive |