浏览 39+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-69300 | WordPress Premium Addons for Elementor plugin <= 4.11.63 - Settings Change vulnerability | Leap13 | Premium Addons for Elementor | Medium | 5.4 | 2026-01-22 16:52:32 | Deep Dive |
| CVE-2025-68494 | WordPress Premium Addons for Elementor plugin <= 4.11.53 - Sensitive Data Exposure vulnerability | Leap13 | Premium Addons for Elementor | Medium | 5.3 | 2025-12-24 12:31:19 | Deep Dive |
| CVE-2025-14163 | Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template' | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 4.3 | 2025-12-23 09:20:01 | Deep Dive |
| CVE-2025-14155 | Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content' | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 5.3 | 2025-12-23 09:20:00 | Deep Dive |
| CVE-2024-11937 | Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2025-07-04 07:22:18 | Deep Dive |
| CVE-2025-4774 | Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2025-06-10 11:22:52 | Deep Dive |
| CVE-2025-22671 | WordPress Disable Elementor Editor Translation plugin <= 1.0.2 - Broken Access Control vulnerability | Leap13 | Disable Elementor Editor Translation | Medium | 4.3 | 2025-03-27 14:13:57 | Deep Dive |
| CVE-2024-56245 | WordPress Premium Blocks plugin <= 2.1.42 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Blocks – Gutenberg Blocks for WordPress | Medium | 6.5 | 2025-01-02 12:01:20 | Deep Dive |
| CVE-2024-56225 | WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability | Leap13 | Premium Addons for Elementor | Medium | 5.4 | 2024-12-31 10:23:45 | Deep Dive |
| CVE-2024-10266 | Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-10-29 11:01:35 | Deep Dive |
| CVE-2021-4445 | Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.5 | 2024-10-16 06:43:43 | Deep Dive |
| CVE-2024-47368 | WordPress Premium Blocks plugin <= 2.1.33 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Blocks – Gutenberg Blocks for WordPress | Medium | 6.5 | 2024-10-06 09:42:50 | Deep Dive |
| CVE-2024-8681 | Premium Addons for Elementor <= 4.10.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-09-27 06:53:59 | Deep Dive |
| CVE-2024-6824 | Premium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title Update | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 4.3 | 2024-08-08 05:31:47 | Deep Dive |
| CVE-2024-37519 | WordPress Premium Blocks – Gutenberg Blocks for WordPress plugin <= 2.1.27 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Blocks – Gutenberg Blocks for WordPress | Medium | 6.5 | 2024-07-21 07:12:58 | Deep Dive |
| CVE-2024-37922 | WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Addons for Elementor | Medium | 6.5 | 2024-07-20 08:57:56 | Deep Dive |
| CVE-2024-6495 | Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-07-12 12:46:55 | Deep Dive |
| CVE-2024-6434 | Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Low | 3.1 | 2024-07-04 08:32:22 | Deep Dive |
| CVE-2024-6340 | Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-07-03 07:32:38 | Deep Dive |
| CVE-2024-5553 | Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 4.4 | 2024-06-12 03:09:57 | Deep Dive |