浏览 31+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-28562 | wpForo Forum 2.4.14 SQL Injection via Topics ORDER BY Parameter | gVectors Team | wpForo Forum | High | 8.2 | 2026-02-28 21:47:42 | Deep Dive |
| CVE-2026-28561 | wpForo Forum 2.4.14 Stored XSS via Unescaped Forum Description in Templates | gVectors Team | wpForo Forum | Medium | 5.5 | 2026-02-28 21:47:41 | Deep Dive |
| CVE-2026-28560 | wpForo Forum 2.4.14 Stored XSS via Unsafe JSON Encoding in Inline Script | gVectors Team | wpForo Forum | Medium | 5.5 | 2026-02-28 21:47:40 | Deep Dive |
| CVE-2026-28559 | wpForo Forum 2.4.14 Information Disclosure via Global RSS Feed | gVectors Team | wpForo Forum | Medium | 5.3 | 2026-02-28 21:47:39 | Deep Dive |
| CVE-2026-28558 | wpForo Forum 2.4.14 Stored XSS via SVG Avatar File Upload | gVectors Team | wpForo Forum | Medium | 6.4 | 2026-02-28 21:47:38 | Deep Dive |
| CVE-2026-28557 | wpForo Forum 2.4.14 Privilege Escalation via Role Synchronization Handler | gVectors Team | wpForo Forum | Medium | 6.5 | 2026-02-28 21:47:37 | Deep Dive |
| CVE-2026-28555 | wpForo Forum 2.4.14 Missing Authorization via Topic Close AJAX Handler | gVectors Team | wpForo Forum | Medium | 4.3 | 2026-02-28 21:47:36 | Deep Dive |
| CVE-2026-28556 | wpForo Forum 2.4.14 Missing Authorization via Topic Management Form Handlers | gVectors Team | wpForo Forum | Medium | 5.4 | 2026-02-28 21:47:36 | Deep Dive |
| CVE-2026-28554 | wpForo Forum 2.4.14 Missing Authorization via Post Approval AJAX Handler | gVectors Team | wpForo Forum | Medium | 4.3 | 2026-02-28 21:47:34 | Deep Dive |
| CVE-2024-43289 | WordPress wpForo Forum plugin <= 2.3.4 - Unauthenticated Sensitive Data Exposure vulnerability | gVectors Team | wpForo Forum | High | 7.5 | 2024-08-26 16:06:02 | Deep Dive |
| CVE-2024-43288 | WordPress wpForo Forum plugin <= 2.3.4 - Insecure Direct Object References (IDOR) vulnerability | gVectors Team | wpForo Forum | Medium | 4.3 | 2024-08-18 21:33:37 | Deep Dive |
| CVE-2022-38055 | WordPress wpForo Forum plugin <= 2.0.9 - Auth. HTML Injection vulnerability | gVectors Team | wpForo Forum | Medium | 4.3 | 2024-06-21 15:52:08 | Deep Dive |
| CVE-2024-35681 | WordPress wpDiscuz plugin <= 7.6.18 - Cross Site Scripting (XSS) vulnerability | gVectors Team | wpDiscuz | Medium | 6.5 | 2024-06-08 15:00:14 | Deep Dive |
| CVE-2023-46310 | WordPress wpDiscuz plugin <= 7.6.10 - Content Injection vulnerability | gVectors Team | wpDiscuz | Medium | 5.3 | 2024-06-04 09:19:42 | Deep Dive |
| CVE-2023-51691 | WordPress wpDiscuz Plugin <= 7.6.12 is vulnerable to Cross Site Scripting (XSS) | gVectors Team | Comments – wpDiscuz | Medium | 5.9 | 2024-02-01 10:57:47 | Deep Dive |
| CVE-2023-46311 | WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR) | gVectors Team | Comments – wpDiscuz | Low | 2.7 | 2023-12-20 13:32:29 | Deep Dive |
| CVE-2023-49759 | WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF) | gVectors Team | WooDiscuz – WooCommerce Comments | Medium | 5.4 | 2023-12-18 22:19:52 | Deep Dive |
| CVE-2023-47870 | WordPress wpForo Forum Plugin <= 2.2.6 is vulnerable to Broken Access Control and Cross Site Request Forgery (CSRF) | gVectors Team | wpForo Forum | High | 7.1 | 2023-11-30 17:26:37 | Deep Dive |
| CVE-2023-47872 | WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) | gVectors Team | wpForo Forum | Medium | 6.5 | 2023-11-30 16:46:53 | Deep Dive |
| CVE-2023-47775 | WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Request Forgery (CSRF) | gVectors Team | Comments — wpDiscuz | Medium | 4.3 | 2023-11-22 18:23:55 | Deep Dive |