浏览 15+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4305 | Royal WordPress Backup & Restore Plugin <= 1.0.16 - Reflected Cross-Site Scripting via 'wpr_pending_template' Parameter | wproyal | Royal WordPress Backup, Restore & Migration Plugin – Backup WordPress Sites Safely | Medium | 6.1 | 2026-04-10 01:25:01 | Deep Dive |
| CVE-2025-10304 | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 - Missing Authorization to Unauthenticated Backup Failure | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.3 | 2025-12-03 03:27:15 | Deep Dive |
| CVE-2025-11380 | Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.9 | 2025-10-11 02:24:52 | Deep Dive |
| CVE-2025-0215 | UpdraftPlus - Backup/Restore <= 1.24.12 - Reflected Cross-Site Scripting | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | Medium | 6.1 | 2025-01-15 22:23:33 | Deep Dive |
| CVE-2024-10957 | UpdraftPlus: WP Backup & Migration Plugin 1.23.8 - 1.24.11 - Unauthenticated PHP Object Injection | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | High | 8.8 | 2025-01-04 13:41:08 | Deep Dive |
| CVE-2024-10028 | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | High | 7.5 | 2024-11-05 23:28:42 | Deep Dive |
| CVE-2024-6210 | Duplicator <= 1.5.9 - Full Path Disclosure | smub | Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More | Medium | 5.3 | 2024-07-11 02:03:49 | Deep Dive |
| CVE-2024-3412 | WP STAGING WordPress Backup Plugin – Migration Backup Restore <= 3.4.3 - Authenticated (Admin+) Arbitrary File Upload | renehermi | WP STAGING – WordPress Backup, Restore & Migration | Critical | 9.1 | 2024-05-29 08:30:06 | Deep Dive |
| CVE-2024-3682 | WP STAGING <= 3.4.3 and WP STAGING Pro <= 5.4.3 - Sensitive Information Exposure via Log File | renehermi | WP STAGING – WordPress Backup, Restore & Migration | Medium | 5.3 | 2024-04-26 09:29:52 | Deep Dive |
| CVE-2023-51681 | WordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF) | Duplicator | Duplicator – WordPress Migration & Backup Plugin | Medium | 6.5 | 2024-02-28 16:41:37 | Deep Dive |
| CVE-2023-52185 | WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure | Everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.3 | 2023-12-31 16:50:39 | Deep Dive |
| CVE-2023-5982 | UpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage Update | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | Medium | 5.4 | 2023-11-07 20:31:57 | Deep Dive |
| CVE-2022-27844 | WordPress WPvivid plugin <= 0.9.70 - Arbitrary File Read vulnerability | WPvivid Team | Migration, Backup, Staging – WPvivid (WordPress plugin) | Low | 2.7 | 2022-04-11 19:38:16 | Deep Dive |
| CVE-2021-24994 | WPvivid Backup and Migration Plugin < 0.9.69 - Unauthenticated Stored Cross-Site Scripting | Unknown | Migration, Backup, Staging – WPvivid Backup and Migration Plugin | 中危 | - | 2022-02-28 09:06:27 | Deep Dive |
| CVE-2021-36884 | WordPress Backup Migration plugin <= 1.1.5 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability | Backupbliss | Backup Migration (WordPress plugin) | Medium | 4.8 | 2021-11-19 18:19:34 | Deep Dive |