浏览 15+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14001 | WP Duplicate Page <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication | ninjateam | WP Duplicate Page | Medium | 5.4 | 2026-01-13 11:21:20 | Deep Dive |
| CVE-2025-13404 | atec Duplicate Page & Post <= 1.2.20 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication and Data Exposure | docjojo | atec Duplicate Page & Post | Medium | 5.3 | 2025-11-25 07:28:24 | Deep Dive |
| CVE-2025-12481 | WP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure | ninjateam | WP Duplicate Page | Medium | 4.3 | 2025-11-18 09:27:38 | Deep Dive |
| CVE-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy | themeisle | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | Medium | 6.4 | 2025-11-04 11:19:28 | Deep Dive |
| CVE-2025-10874 | Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery | Unknown | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 中危 | - | 2025-10-24 06:00:09 | Deep Dive |
| CVE-2025-6189 | Duplicate Page and Post <= 2.9.5 - Authenticated (Contributor+) SQL Injection via meta_key Parameter | arjunthakur | Duplicate Page and Post | Medium | 6.5 | 2025-09-10 06:38:46 | Deep Dive |
| CVE-2025-31466 | WordPress Duplicate Page and Post plugin <= 1.0 - SQL Injection Vulnerability | Falcon Solutions | Duplicate Page and Post | High | 8.5 | 2025-03-28 11:54:06 | Deep Dive |
| CVE-2025-31471 | WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability | Falcon Solutions | Duplicate Page and Post | Medium | 5.9 | 2025-03-28 11:54:04 | Deep Dive |
| CVE-2024-12538 | Duplicate Post, Page and Any Custom Post <= 3.5.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication | binsaifullah | Duplicate Post, Page and Any Custom Post | Medium | 4.3 | 2025-01-07 03:22:00 | Deep Dive |
| CVE-2023-36526 | WordPress Duplicate Post Page Menu & Custom Post Type plugin <= 3.0.1 - Broken Access Control vulnerability | Attinder Singh | Duplicate Post Page Menu & Custom Post Type | Medium | 5.4 | 2024-12-13 14:23:44 | Deep Dive |
| CVE-2023-4792 | Duplicate Post Page Menu & Custom Post Type <= 2.3.1 - Missing Authorization to Post Duplication | inqsys | Duplicate Post Page Menu & Custom Post Type | Medium | 4.3 | 2023-09-07 01:52:17 | Deep Dive |
| CVE-2022-2152 | Duplicate Page and Post Plugin < 2.8 - Admin+ Stored Cross-Site Scripting | Unknown | Duplicate Page and Post | 中危 | - | 2022-08-15 08:36:07 | Deep Dive |
| CVE-2022-2093 | WP Duplicate Page < 1.3 - Admin+ Stored Cross Site Scripting | Unknown | WP Duplicate Page | 中危 | - | 2022-07-11 12:57:32 | Deep Dive |
| CVE-2021-25075 | Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSS | Unknown | Duplicate Page or Post | 低危 | - | 2022-02-21 10:45:50 | Deep Dive |
| CVE-2021-24681 | Duplicate Page <= 4.4.2 - Admin+ Stored Cross-Site Scripting | Unknown | Duplicate Page | 中危 | - | 2021-10-11 10:45:37 | Deep Dive |