access:pre-auth 类型相关 19008 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2023-37560 | ELECOM WRH 跨站脚本漏洞 — WRH-300WH-H | 6.1 | - | 2023-07-13 |
| CVE-2023-20185 | Cisco Nexus 9000 Series Fabric Switches 加密问题漏洞 — Cisco NX-OS System Software in ACI ModeCWE-330 | 7.4 | High | 2023-07-12 |
| CVE-2021-4427 | WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue 跨站请求伪造漏洞 — Vuukle Comments, Reactions, Share Bar, RevenueCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4426 | WordPress Plugin Absolute Reviews 跨站请求伪造漏洞 — Absolute ReviewsCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2020-36760 | WordPress Plugin Ocean Extra 跨站请求伪造漏洞 — Ocean ExtraCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2020-36761 | WordPress Plugin Top 10 跨站请求伪造漏洞 — WebberZone Top 10 — Popular PostsCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4425 | WordPress Plugin Defender Security 跨站请求伪造漏洞 — Defender Security – Malware Scanner, Login Security & FirewallCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4423 | WordPress Plugin RAYS Grid 跨站请求伪造漏洞 — RAYS GridCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4424 | WordPress Plugin Slider Hero 跨站请求伪造漏洞 — Slider Hero with Video Background, AnimationCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4421 | WordPress Plugin Advanced Popups 跨站请求伪造漏洞 — Advanced PopupsCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4422 | WordPress Plugin POST SMTP Mailer 跨站请求伪造漏洞 — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2020-36757 | WordPress Plugin WP Hotel Booking 跨站请求伪造漏洞 — WP Hotel BookingCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2020-36756 | WordPress Plugin 10WebAnalytics 跨站请求伪造漏洞 — 10WebAnalyticsCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4420 | WordPress Plugin Sell Media 跨站请求伪造漏洞 — Sell MediaCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2021-4419 | WordPress Plugin WP-Backgrounds Lite 跨站请求伪造漏洞 — WP-Backgrounds LiteCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2023-3081 | WordPress Plugin WP Mail Logging 跨站脚本漏洞 — WP Mail LoggingCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3087 | WordPress Plugin FluentSMTP 跨站脚本漏洞 — FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP ProviderCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3166 | WordPress Plugin Lana Email Logger 跨站脚本漏洞 — Lana Email LoggerCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3167 | WordPress Plugin Mail Queue 跨站脚本漏洞 — Mail QueueCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-2517 | WordPress Plugin Metform Elementor Contact Form Builder 跨站请求伪造漏洞 — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-352 | 5.4 | Medium | 2023-07-12 |
| CVE-2023-3202 | WordPress Plugin MStore API 跨站请求伪造漏洞 — MStore API – Create Native Android & iOS Apps On The CloudCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2020-36752 | WordPress Plugin Coming Soon & Maintenance Mode Page 跨站请求伪造漏洞 — Coming Soon & Maintenance Mode Page & Under ConstructionCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2023-3199 | WordPress Plugin MStore API 跨站请求伪造漏洞 — MStore API – Create Native Android & iOS Apps On The CloudCWE-352 | 4.3 | Medium | 2023-07-12 |
| CVE-2023-3088 | WordPress Plugin WP Mail Log 跨站脚本漏洞 — WP Mail LogCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3092 | WordPress Plugin SMTP Mail 跨站脚本漏洞 — SMTP MailCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3082 | WordPress Plugin Post SMTP 跨站脚本漏洞 — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3158 | WordPress Plugin Mail Control 跨站脚本漏洞 — Mail Control – Email Customizer, SMTP Deliverability, logging, open and click TrackingCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3093 | WordPress Plugin YaySMTP 跨站脚本漏洞 — YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP ServiceCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3168 | WordPress Plugin WP Reroute Email 跨站脚本漏洞 — WP Reroute EmailCWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2023-3011 | WordPress Plugin ARMember 跨站请求伪造漏洞 — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-352 | 6.5 | Medium | 2023-07-12 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19008 条 CVE 漏洞。