| CVE-2026-3569 | Liaison Site Prober ≤1.2.1 未授权信息泄露漏洞 | liaison | Liaison Site Prober | 中危 | 5.3 | 2026-04-24 07:45:09 | 深度分析 |
| CVE-2026-3565 | Taqnix ≤1.0.3 CSRF致账户删除漏洞 | taqnix | Taqnix | 中危 | 4.3 | 2026-04-24 07:45:08 | 深度分析 |
| CVE-2026-4078 | ITERAS ≤1.8.2 授权用户存储型XSS漏洞 | iteras | ITERAS | 中危 | 6.4 | 2026-04-24 07:45:08 | 深度分析 |
| CVE-2025-11762 | HubSpot营销插件≤11.3.32 授权缺失致已装插件泄露漏洞 | hubspotdev | HubSpot All-In-One Marketing – Forms, Popups, Live Chat | 中危 | 4.3 | 2026-04-24 07:45:07 | 深度分析 |
| CVE-2026-1951 | AS320T目录名缓冲区长度未检查致漏洞 | DeltaWW | AS320T | 超危 | 9.8 | 2026-04-24 06:13:36 | 深度分析 |
| CVE-2026-1952 | AS320T 未文档子函数致拒绝服务漏洞 | DeltaWW | AS320T | 超危 | 9.8 | 2026-04-24 06:08:59 | 深度分析 |
| CVE-2026-1950 | AS320T 文件名缓冲区长度未检远程代码执行漏洞 | DeltaWW | AS320T | 超危 | 9.8 | 2026-04-24 05:56:52 | 深度分析 |
| CVE-2026-1949 | AS320T 栈缓冲区大小计算错误 越界写漏洞 | DeltaWW | AS320T | 超危 | 9.8 | 2026-04-24 05:50:48 | 深度分析 |
| CVE-2026-5428 | Elementor Royal插件≤1.7.1056 存储型XSS漏洞 | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | 中危 | 6.4 | 2026-04-24 05:29:39 | 深度分析 |
| CVE-2026-6810 | Booking Calendar Contact Form ≤1.2.63 认证越权直接对象引用接管漏洞 | codepeople | Booking Calendar Contact Form | 中危 | 5.3 | 2026-04-24 05:29:38 | 深度分析 |
| CVE-2026-5347 | WordPress WP Books Gallery ≤4.8.0 未授权设置更新漏洞 | mhmrajib | WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes | 中危 | 5.3 | 2026-04-24 05:29:38 | 深度分析 |
| CVE-2026-5364 | Contact Form 7 ≤1.1.3 未授权任意文件上传漏洞 | addonsorg | Drag and Drop File Upload for Contact Form 7 | 高危 | 8.1 | 2026-04-24 05:29:37 | 深度分析 |
| CVE-2026-6947 | D-Link DWM-222W 弱口令防护绕过漏洞 | D-Link | DWM-222W | 高危 | 7.5 | 2026-04-24 03:46:15 | 深度分析 |
| CVE-2026-41324 | basic-ftp 内存无界致DoS漏洞 客户端列表功能 | patrickjuchli | basic-ftp | 高危 | 7.5 | 2026-04-24 03:28:49 | 深度分析 |
| CVE-2026-41485 | Kyverno Controller forEach 拒绝服务漏洞 | kyverno | kyverno | 高危 | 7.7 | 2026-04-24 03:27:09 | 深度分析 |
| CVE-2026-2028 | Maxi Blocks ≤2.1.8 认证用户媒体删除未授权漏洞 | ckp267 | MaxiBlocks Builder | 17,000+ Design Assets, Patterns, Icons & Starter Sites | 中危 | 5.3 | 2026-04-24 03:27:07 | 深度分析 |
| CVE-2026-6393 | BetterDocs ≤4.3.11 授权缺失致未授权AI API调用漏洞 | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | 中危 | 4.3 | 2026-04-24 03:27:06 | 深度分析 |
| CVE-2026-5488 | ExactMetrics ≤9.1.2 越权获取Google Ads令牌漏洞 | smub | ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) | 中危 | 5.3 | 2026-04-24 03:27:06 | 深度分析 |
| CVE-2026-41323 | Kyverno API调用外泄ServiceAccount令牌漏洞 | kyverno | kyverno | 高危 | 8.1 | 2026-04-24 03:21:36 | 深度分析 |
| CVE-2026-41068 | Kyverno 跨命名空间RBAC绕过未修复漏洞 | kyverno | kyverno | 高危 | 7.7 | 2026-04-24 03:14:28 | 深度分析 |