浏览 8+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1463 | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 4.0.4 - Authenticated (Author+) Local File Inclusion | smub | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | High | 8.8 | 2026-03-18 16:26:27 | Deep Dive |
| CVE-2025-13641 | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 3.59.12 - Authenticated (Contributor+) Local File Inclusion via 'template' | smub | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | High | 8.8 | 2025-12-18 09:21:29 | Deep Dive |
| CVE-2025-2537 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library | wpdevart | YouTube Embed, Playlist and Popup by WpDevArt | Medium | 6.4 | 2025-07-03 12:23:09 | Deep Dive |
| CVE-2024-5878 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via SimpleLightbox JavaScript Library | aknieriem | Simplelightbox | Medium | 6.4 | 2025-05-20 07:22:30 | Deep Dive |
| CVE-2024-10545 | NextGEN Gallery < 3.59.9 - Admin+ Stored XSS | Unknown | Photo Gallery, Sliders, Proofing and Themes | 低危 | - | 2025-02-25 06:00:05 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-6393 | NextGEN Gallery < 3.59.5 - Admin+ Stored XSS | Unknown | Photo Gallery, Sliders, Proofing and Themes | - | - | 2024-11-25 06:00:06 | Deep Dive |
| CVE-2024-5442 | NextGEN Gallery < 3.59.3 - Admin+ Stored XSS | Unknown | Photo Gallery, Sliders, Proofing and Themes | - | - | 2024-07-13 06:00:12 | Deep Dive |