Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 120+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 120 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4949 ProfilePress <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 4.3 2026-04-15 22:26:06 Deep Dive
CVE-2026-6203 User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.1 2026-04-13 22:25:54 Deep Dive
CVE-2026-4979 UsersWP <= 1.2.58 - Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' Parameter stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Medium 5.0 2026-04-11 01:25:00 Deep Dive
CVE-2026-4977 UsersWP <= 1.2.58 - Authenticated (Subscriber+) Restricted Usermeta Modification via 'htmlvar' Parameter stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Medium 4.3 2026-04-10 01:25:01 Deep Dive
CVE-2026-5742 UsersWP <= 1.2.60 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User Badge Link Substitution stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Medium 6.4 2026-04-09 03:25:58 Deep Dive
CVE-2026-1865 User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[] wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.5 2026-04-08 11:16:57 Deep Dive
CVE-2026-5543 PHPGurukul User Registration & Login and User Management System yesterday-reg-users.php sql injection PHPGurukulUser Registration & Login and User Management System Medium 6.3 2026-04-05 04:30:14 Deep Dive
CVE-2026-3309 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2026-04-04 11:16:15 Deep Dive
CVE-2026-3445 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Missing Authorization to Authenticated (Subscriber+) Membership Payment Bypass properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2026-04-04 08:25:20 Deep Dive
CVE-2025-15064 Ultimate Member <= 2.11.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via DOM Gadgets ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 6.4 2026-04-04 07:41:57 Deep Dive
CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 8.0 2026-03-27 22:26:23 Deep Dive
CVE-2026-4056 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 5.4 2026-03-23 23:25:50 Deep Dive
CVE-2026-3453 ProfilePress <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/Expiration properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 8.1 2026-03-11 02:22:46 Deep Dive
CVE-2026-1492 User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Critical 9.8 2026-03-03 04:33:21 Deep Dive
CVE-2026-2356 User Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 5.3 2026-02-26 02:23:56 Deep Dive
CVE-2026-1779 User Registration & Membership <= 5.1.2 - Authentication Bypass wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 8.1 2026-02-26 02:23:56 Deep Dive
CVE-2026-1404 Ultimate Member <= 2.11.1 - Reflected Cross-Site Scripting via Filter Parameters ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 6.1 2026-02-18 14:24:59 Deep Dive
CVE-2025-14444 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 5.3 2026-02-18 10:20:48 Deep Dive
CVE-2020-36945 WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass WEBDAMN.COMWebDamn User Registration & Login System with User Panel High 8.2 2026-01-28 17:35:07 Deep Dive
CVE-2026-1054 RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 5.3 2026-01-28 07:27:35 Deep Dive