浏览 11+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-27004 | WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | LambertGroup | Famous - Responsive Image And Video Grid Gallery WordPress Plugin | High | 7.1 | 2026-01-08 09:17:42 | Deep Dive |
| CVE-2024-6256 | Feeds for YouTube (YouTube video, channel, and gallery plugin) <= 2.2.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | smub | Feeds for YouTube (YouTube video, channel, and gallery plugin) | Medium | 6.4 | 2024-07-11 06:43:13 | Deep Dive |
| CVE-2024-35770 | WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability | Dave Kiss | Vimeography: Vimeo Video Gallery WordPress Plugin | Medium | 4.3 | 2024-06-21 13:10:24 | Deep Dive |
| CVE-2024-3268 | YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page Creation | emarket-design | Video Gallery – YouTube Gallery & Responsive Video Playlist | Medium | 5.3 | 2024-05-21 11:33:17 | Deep Dive |
| CVE-2024-0825 | Vimeography: Vimeo Video Gallery WordPress Plugin <= 2.3.2 - Authenticated (Contributor+) PHP Object Injection | videogallery | Vimeography: Vimeo Video Gallery WordPress Plugin | High | 8.8 | 2024-03-05 01:56:02 | Deep Dive |
| CVE-2023-49178 | WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS) | Mr. Hdwplayer | HDW Player Plugin (Video Player & Video Gallery) | High | 7.1 | 2023-12-15 14:40:47 | Deep Dive |
| CVE-2023-45069 | WordPress Video Gallery – YouTube Gallery Plugin <= 2.1.3 is vulnerable to SQL Injection | Video Gallery by Total-Soft | Video Gallery – Best WordPress YouTube Gallery Plugin | 超危 | - | 2023-11-06 08:42:03 | Deep Dive |
| CVE-2023-4841 | Feeds for YouTube <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | smub | Feeds for YouTube (YouTube video, channel, and gallery plugin) | Medium | 6.4 | 2023-09-14 02:29:50 | Deep Dive |
| CVE-2015-10109 | Video Playlist and Gallery Plugin wp-media-cincopa.php cross-site request forgery | - | Video Playlist and Gallery Plugin | Medium | 4.3 | 2023-06-01 13:00:05 | Deep Dive |
| CVE-2022-35726 | WordPress Video Gallery plugin <= 1.3.4.5 - Broken Authentication vulnerability | yotuwp | Video Gallery (WordPress plugin) | Medium | 4.3 | 2022-08-23 15:47:56 | Deep Dive |
| CVE-2021-24415 | Polo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting | Unknown | Polo Video Gallery – Best wordpress video gallery plugin | 中危 | - | 2021-10-18 13:45:40 | Deep Dive |