CWE-89 SQL命令中使用的特殊元素转义处理不恰当(SQL注入) 类弱点 8863 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-9322 | WordPress plugin WP Full Pay SQL注入漏洞 — Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions | 7.5 | High | 2025-10-25 |
| CVE-2025-11893 | WordPress plugin Charitable 安全漏洞 — Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | 6.5 | Medium | 2025-10-25 |
| CVE-2025-8536 | Studio Fabryka DobryCMS SQL注入漏洞 — DobryCMS | 9.8 | - | 2025-10-24 |
| CVE-2025-11253 | Aksis Netty ERP SQL注入漏洞 — Netty ERP | 9.8 | Critical | 2025-10-24 |
| CVE-2025-10748 | WordPress plugin RapidResult SQL注入漏洞 — RapidResult | 6.5 | Medium | 2025-10-24 |
| CVE-2025-10740 | WordPress plugin URL Shortener Plugin For WordPress 安全漏洞 — URL Shortener Plugin For WordPress | 6.3 | Medium | 2025-10-24 |
| CVE-2025-62617 | Admidio SQL注入漏洞 — admidio | 7.2 | High | 2025-10-22 |
| CVE-2025-62606 | my little forum 安全漏洞 — mylittleforum | 8.8 | High | 2025-10-22 |
| CVE-2025-62015 | WordPress plugin Advanced Coupons for WooCommerce Coupons SQL注入漏洞 — Advanced Coupons for WooCommerce Coupons | 7.6 | High | 2025-10-22 |
| CVE-2025-59557 | WordPress plugin Learts Addons SQL注入漏洞 — Learts Addons | 9.3 | Critical | 2025-10-22 |
| CVE-2025-49931 | WordPress plugin JetSearch SQL注入漏洞 — JetSearch | 9.3 | Critical | 2025-10-22 |
| CVE-2025-49915 | WordPress plugin SMS Alert Order Notifications SQL注入漏洞 — SMS Alert Order Notifications | 9.3 | Critical | 2025-10-22 |
| CVE-2025-49378 | WordPress plugin Hydra Booking 安全漏洞 — Hydra Booking | 8.5 | High | 2025-10-22 |
| CVE-2025-48091 | WordPress Plugin AnyComment 安全漏洞 — AnyComment | 8.5 | High | 2025-10-22 |
| CVE-2025-57870 | Esri ArcGIS Server SQL注入漏洞 — ArcGIS Server | 10.0 | Critical | 2025-10-22 |
| CVE-2025-10047 | WordPress plugin Email Tracker SQL注入漏洞 — Email Tracker | 4.9 | Medium | 2025-10-22 |
| CVE-2025-9339 | SIMPLE.ERP SQL注入漏洞 — SIMPLE.ERP | 7.1AI | HighAI | 2025-10-21 |
| CVE-2025-9428 | ZOHO ManageEngine Analytics Plus 安全漏洞 — Analytics Plus | 8.3 | High | 2025-10-21 |
| CVE-2025-26392 | SolarWinds Observability Self-Hosted SQL注入漏洞 — Observability Self-Hosted | 5.4 | Medium | 2025-10-21 |
| CVE-2025-62658 | MediaWiki - WatchAnalytics extension 安全漏洞 — MediaWiki WatchAnalytics extension | 9.8AI | CriticalAI | 2025-10-20 |
| CVE-2025-47902 | Microchip TimeProvider 4100 安全漏洞 — Time Provider 4100 | 9.8AI | CriticalAI | 2025-10-20 |
| CVE-2025-41028 | Grupo Castilla Epsilon RH 安全漏洞 — Epsilon RH | 9.8AI | CriticalAI | 2025-10-20 |
| CVE-2025-11944 | Vvveb SQL注入漏洞 — Vvveb | 4.7 | Medium | 2025-10-19 |
| CVE-2025-11691 | WordPress plugin PPOM – Product Addons & Custom Fields for WooCommerce SQL注入漏洞 — PPOM – Product Addons & Custom Fields for WooCommerce | 7.5 | High | 2025-10-18 |
| CVE-2025-10187 | WordPress plugin GSpeech TTS – WordPress Text To Speech Plugin SQL注入漏洞 — GSpeech TTS – WordPress Text To Speech Plugin | 4.9 | Medium | 2025-10-18 |
| CVE-2025-62655 | Mediawiki - Cargo Extension 安全漏洞 — MediaWiki Cargo extension | 9.8AI | CriticalAI | 2025-10-17 |
| CVE-2025-11912 | Streamax Crocus SQL注入漏洞 — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11911 | Streamax Crocus SQL注入漏洞 — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11910 | Streamax Crocus SQL注入漏洞 — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11909 | Streamax Crocus SQL注入漏洞 — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
CWE-89(SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) 是常见的弱点类别,本平台收录该类弱点关联的 8863 条 CVE 漏洞。