浏览 64+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39660 | WordPress WP Job Manager plugin <= 2.4.1 - Broken Access Control vulnerability | Automattic | WP Job Manager | - | - | 2026-04-08 08:30:37 | Deep Dive |
| CVE-2026-3589 | WooCommerce < 10.5.3 - Arbitrary Admin User Creation via CSRF | Automattic | WooCommerce | 中危 | - | 2026-03-06 09:11:11 | Deep Dive |
| CVE-2026-22356 | WordPress Jetpack CRM plugin <= 6.7.0 - Local File Inclusion vulnerability | Automattic | Jetpack CRM | - | - | 2026-02-20 15:47:01 | Deep Dive |
| CVE-2026-25404 | WordPress WP Job Manager plugin <= 2.4.0 - Broken Access Control vulnerability | Automattic | WP Job Manager | - | - | 2026-02-19 08:27:04 | Deep Dive |
| CVE-2023-54332 | Jetpack 11.4 - Cross Site Scripting (XSS) | Automattic | Jetpack | Medium | 6.1 | 2026-01-13 22:56:40 | Deep Dive |
| CVE-2023-52212 | WordPress WP Job Manager plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) vulnerability | Automattic | WP Job Manager | Medium | 5.4 | 2026-01-05 13:32:31 | Deep Dive |
| CVE-2025-69015 | WordPress Crowdsignal Forms plugin <= 1.7.2 - Broken Access Control vulnerability | Automattic | Crowdsignal Forms | Low | 3.8 | 2025-12-30 10:47:54 | Deep Dive |
| CVE-2025-15033 | WooCommerce - Subscriber/Customer+ Order Data Disclosure | Automattic | WooCommerce | - | - | 2025-12-22 18:57:40 | Deep Dive |
| CVE-2023-7320 | WooCommerce <= 7.8.2 - Sensitive Information Exposure | automattic | WooCommerce | Medium | 5.3 | 2025-10-29 06:45:49 | Deep Dive |
| CVE-2025-49042 | WordPress WooCommerce plugin <= 10.0.2 - Cross Site Scripting (XSS) vulnerability | Automattic | WooCommerce | Medium | 5.9 | 2025-10-29 04:50:13 | Deep Dive |
| CVE-2025-57924 | WordPress Developer Plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) Vulnerability | Automattic | Developer | Medium | 4.3 | 2025-09-22 18:25:10 | Deep Dive |
| CVE-2025-49325 | WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability | Automattic | Newspack Newsletters | Medium | 4.7 | 2025-06-06 12:53:56 | Deep Dive |
| CVE-2025-5062 | WooCommerce <= 9.4.2 - PostMessage-Based Cross-Site Scripting | automattic | WooCommerce | Medium | 6.1 | 2025-05-22 03:42:08 | Deep Dive |
| CVE-2024-56006 | WordPress Jetpack Debug Tools plugin < 2.0.1 - Broken Access Control vulnerability | Automattic | Jetpack Debug Tools | Medium | 5.3 | 2025-05-15 18:24:38 | Deep Dive |
| CVE-2025-22740 | WordPress Sensei LMS plugin <= 4.24.4 - Broken Access Control vulnerability | Automattic | Sensei LMS | Medium | 5.3 | 2025-03-27 21:20:59 | Deep Dive |
| CVE-2025-26762 | WordPress WooCommerce plugin <= 9.7.0 - Cross Site Scripting (XSS) vulnerability | Automattic | WooCommerce | Medium | 5.9 | 2025-03-27 15:52:23 | Deep Dive |
| CVE-2024-37241 | WordPress WP Job Manager Resume Manager plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerability | Automattic | WP Job Manager - Resume Manager | Medium | 4.3 | 2025-01-02 13:33:47 | Deep Dive |
| CVE-2024-37242 | WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability | Automattic | Newspack Newsletters | Medium | 4.3 | 2025-01-02 12:00:44 | Deep Dive |
| CVE-2024-43338 | WordPress Crowdsignal Polls & Ratings plugin <= 3.1.3 - Cross Site Request Forgery (CSRF) vulnerability | Automattic | Crowdsignal Dashboard – Polls, Surveys & more | Medium | 4.3 | 2024-11-19 16:32:36 | Deep Dive |
| CVE-2024-10486 | Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File | woocommerce | Google for WooCommerce | Medium | 5.3 | 2024-11-18 21:31:09 | Deep Dive |