浏览 99+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5087 | PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely | JJNAPIORK | PAGI::Middleware::Session::Store::Cookie | - | - | 2026-03-31 16:03:08 | Deep Dive |
| CVE-2026-2389 | Complianz – GDPR/CCPA Cookie Consent <= 7.4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Filter | complianz | Complianz – GDPR/CCPA Cookie Consent | Medium | 4.9 | 2026-03-26 13:26:07 | Deep Dive |
| CVE-2014-125112 | Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution | MIYAGAWA | Plack::Middleware::Session::Cookie | - | - | 2026-03-26 02:04:10 | Deep Dive |
| CVE-2025-11754 | Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | High | 7.5 | 2026-02-19 03:25:13 | Deep Dive |
| CVE-2025-11185 | Complianz | GDPR/CCPA Cookie Consent <= 7.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | complianz | Complianz – GDPR/CCPA Cookie Consent | Medium | 6.4 | 2026-02-18 09:25:52 | Deep Dive |
| CVE-2026-1084 | Cookie consent for developers <= 1.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Multiple Settings Fields | lovor | Cookie consent for developers | Medium | 4.4 | 2026-01-24 07:26:47 | Deep Dive |
| CVE-2026-24604 | WordPress Simple GDPR Cookie Compliance plugin <= 2.0.0 - Broken Access Control vulnerability | themebeez | Simple GDPR Cookie Compliance | Medium | 5.3 | 2026-01-23 14:29:04 | Deep Dive |
| CVE-2026-22348 | WordPress Civic Cookie Control plugin <= 1.53 - Broken Access Control vulnerability | Tasos Fel | Civic Cookie Control | Medium | 5.3 | 2026-01-22 16:52:34 | Deep Dive |
| CVE-2025-66080 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 5.3 | 2025-12-30 16:10:41 | Deep Dive |
| CVE-2025-14061 | Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 5.3 | 2025-12-17 06:36:59 | Deep Dive |
| CVE-2025-66133 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.7 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 5.3 | 2025-12-16 08:12:55 | Deep Dive |
| CVE-2025-67554 | WordPress Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.5.8 - Cross Site Scripting (XSS) vulnerability | Humanityco | Cookie Notice & Compliance for GDPR / CCPA | Medium | 5.9 | 2025-12-09 14:14:08 | Deep Dive |
| CVE-2025-11186 | Cookie Notice & Compliance for GDPR / CCPA <= 2.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | humanityco | Cookie Notice & Compliance for GDPR / CCPA | Medium | 6.4 | 2025-11-22 05:07:43 | Deep Dive |
| CVE-2025-66075 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 4.3 | 2025-11-21 12:29:57 | Deep Dive |
| CVE-2025-53316 | WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability | Shahjahan Jewel | WP GDPR Cookie Consent | High | 7.1 | 2025-11-06 15:54:05 | Deep Dive |
| CVE-2025-49390 | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability | christophrado | Cookie Notice & Consent | High | 7.1 | 2025-11-06 15:53:52 | Deep Dive |
| CVE-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy | themeisle | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | Medium | 6.4 | 2025-11-04 11:19:28 | Deep Dive |
| CVE-2025-12136 | Real Cookie Banner: GDPR & ePrivacy Cookie Consent <= 5.2.4 - Authenticated (Admin+) Server-Side Request Forgery via scan-without-login Endpoint | devowl | Real Cookie Banner: GDPR & ePrivacy Cookie Consent | Medium | 6.8 | 2025-10-24 09:23:30 | Deep Dive |
| CVE-2025-10874 | Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery | Unknown | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 中危 | - | 2025-10-24 06:00:09 | Deep Dive |
| CVE-2025-10496 | Cookie Notice & Consent <= 1.6.5 - Unauthenticated Stored Cross-Site Scripting | christophrado | Cookie Notice & Consent | High | 7.2 | 2025-10-09 02:09:54 | Deep Dive |