浏览 9+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15019 | BIALTY - Bulk Image Alt Text (Alt tag, Alt Attribute) with Yoast SEO + WooCommerce <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | pagup | Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) | Medium | 6.4 | 2026-01-09 06:34:52 | Deep Dive |
| CVE-2025-58791 | WordPress SEO Auto Linker Plugin <= 1.5.3 - Cross Site Scripting (XSS) Vulnerability | Arjan Olsder | SEO Auto Linker | Medium | 5.9 | 2025-09-05 13:45:01 | Deep Dive |
| CVE-2025-27335 | WordPress Auto Tag Links Plugin <= 1.0.13 - Cross Site Request Forgery (CSRF) vulnerability | Free plug in by SEO Roma | Auto Tag Links | Medium | 4.3 | 2025-02-24 14:49:16 | Deep Dive |
| CVE-2025-25147 | WordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerability | Phillip.Gooch | Auto SEO | High | 7.1 | 2025-02-07 10:11:53 | Deep Dive |
| CVE-2024-12252 | SEO LAT Auto Post <= 2.2.1 - Missing Authorization to File Overwrite/Upload (Remote Code Execution) | seobeginner | SEO LAT Auto Post | Critical | 9.8 | 2025-01-07 04:22:02 | Deep Dive |
| CVE-2024-11009 | Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) <= 1.2.1 - Authenticated (Administrator+) SQL Injection via post_id Parameter | pagup | Automatic Internal Links for SEO by Pagup | Medium | 4.9 | 2024-11-27 11:33:23 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-37941 | WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerability | Internal Link Juicer | Internal Link Juicer: SEO Auto Linker for WordPress | Medium | 4.3 | 2024-07-12 13:42:38 | Deep Dive |
| CVE-2024-0657 | Internal Link Juicer <= 2.23.4 - Authenticated (Admin+) Stored Cross-Site Scripting | davidanderson | Internal Link Juicer: SEO Auto Linker for WordPress | Medium | 4.4 | 2024-02-09 04:31:55 | Deep Dive |