浏览 37+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-31938 | jsPDF has HTML Injection in New Window paths | parallax | jsPDF | Critical | 9.6 | 2026-03-18 03:05:45 | Deep Dive |
| CVE-2026-31898 | jsPDF has a PDF Object Injection via FreeText color | parallax | jsPDF | High | 8.1 | 2026-03-18 03:03:43 | Deep Dive |
| CVE-2026-25940 | jsPDF's PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" property) | parallax | jsPDF | High | 8.1 | 2026-02-19 15:26:58 | Deep Dive |
| CVE-2026-25755 | jsPDF has PDF Object Injection via Unsanitized Input in addJS Method | parallax | jsPDF | High | 8.1 | 2026-02-19 14:41:47 | Deep Dive |
| CVE-2026-25535 | jsPDF Affected by Client-Side/Server-Side Denial of Service via Malicious GIF Dimensions | parallax | jsPDF | 高危 | - | 2026-02-19 14:34:06 | Deep Dive |
| CVE-2026-24040 | jsPDF has a Shared State Race Condition in addJS Plugin | parallax | jsPDF | - | - | 2026-02-02 20:38:25 | Deep Dive |
| CVE-2026-24043 | jsPDF Affected by Stored XMP Metadata Injection (Spoofing & Integrity Violation) | parallax | jsPDF | - | - | 2026-02-02 20:34:51 | Deep Dive |
| CVE-2026-24133 | jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder | parallax | jsPDF | - | - | 2026-02-02 20:32:38 | Deep Dive |
| CVE-2026-24737 | jsPDF has a PDF Injection in AcroFormChoiceField which allows Arbitrary JavaScript Execution | parallax | jsPDF | High | 8.1 | 2026-02-02 20:29:05 | Deep Dive |
| CVE-2025-68428 | jsPDF has Local File Inclusion/Path Traversal vulnerability | parallax | jsPDF | 高危 | - | 2026-01-05 21:43:55 | Deep Dive |
| CVE-2025-60079 | WordPress Parallax Section block plugin <= 1.0.9 - Broken Authentication vulnerability | bPlugins | Parallax Section block | High | 7.1 | 2025-12-18 07:22:07 | Deep Dive |
| CVE-2025-58831 | WordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) Vulnerability | snagysandor | Parallax Scrolling Enllax.js | Medium | 4.3 | 2025-09-05 13:45:25 | Deep Dive |
| CVE-2025-58830 | WordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Scripting (XSS) Vulnerability | snagysandor | Parallax Scrolling Enllax.js | Medium | 6.5 | 2025-09-05 13:45:24 | Deep Dive |
| CVE-2025-57810 | jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS) | parallax | jsPDF | - | - | 2025-08-26 15:37:28 | Deep Dive |
| CVE-2025-30599 | WordPress WP Parallax Content Slider plugin <= 0.9.8 - Cross Site Scripting (XSS) vulnerability | wp-maverick | WP Parallax Content Slider | Medium | 5.9 | 2025-03-24 13:47:20 | Deep Dive |
| CVE-2025-29907 | jsPDF Bypass Regular Expression Denial of Service (ReDoS) | parallax | jsPDF | 高危 | - | 2025-03-18 18:40:58 | Deep Dive |
| CVE-2025-22330 | WordPress MG Parallax Slider plugin <= 1.0. - Reflected Cross Site Scripting (XSS) vulnerability | Mahesh Waghmare | MG Parallax Slider | High | 7.1 | 2025-01-09 15:39:32 | Deep Dive |
| CVE-2024-11224 | Parallax Image <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via position Parameter | thehowarde | Parallax Image | Medium | 6.4 | 2024-11-19 12:45:29 | Deep Dive |
| CVE-2024-49334 | WordPress jLayer Parallax Slider plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Unizoe Web Solutions | jLayer Parallax Slider | High | 7.1 | 2024-10-20 07:52:29 | Deep Dive |
| CVE-2024-9898 | Parallax Image <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via dd-parallax Shortcode | thehowarde | Parallax Image | Medium | 6.4 | 2024-10-17 11:03:55 | Deep Dive |