浏览 4+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-13695 | Enfold <= 6.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery via attachment_id | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 6.4 | 2025-02-25 09:21:34 | Deep Dive |
| CVE-2024-13693 | Enfold <= 6.0.9 - Missing Authorization to Sensitive Information Disclosure in avia-export-class.php | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 5.3 | 2025-02-25 09:21:33 | Deep Dive |
| CVE-2024-5061 | Enfold <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wrapper_class and class Parameters | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 6.4 | 2024-08-30 03:24:15 | Deep Dive |
| CVE-2023-38400 | WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS) | Kriesi | Enfold - Responsive Multi-Purpose Theme | High | 7.1 | 2023-11-30 16:57:17 | Deep Dive |