目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

access:pre-auth 标签下的 CVE 漏洞 19009

access:pre-auth 类型相关 19009 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2023-3011 WordPress Plugin ARMember 跨站请求伪造漏洞 — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-352 6.5 Medium2023-07-12
CVE-2023-3135 WordPress Plugin Mailtree Log Mail 跨站脚本漏洞 — Mailtree Log MailCWE-79 7.2 High2023-07-12
CVE-2023-3525 WordPress Plugin Getnet Argentina para Woocommerce 安全漏洞 — Getnet Argentina para Woocommerce 7.5 High2023-07-12
CVE-2023-3080 WordPress Plugin WP Mail Catcher 跨站脚本漏洞 — Mail logging – WP Mail CatcherCWE-79 7.2 High2023-07-12
CVE-2023-3122 WordPress Plugin GD Mail Queue 跨站脚本漏洞 — GD Mail QueueCWE-79 7.2 High2023-07-12
CVE-2021-4417 WordPress Plugin Forminator – Contact Form, Payment Form & Custom Form Builder 跨站请求伪造漏洞 — Forminator Forms – Contact Form, Payment Form & Custom Form BuilderCWE-352 5.4 Medium2023-07-12
CVE-2021-4415 WordPress Plugin Sunshine Photo Cart 跨站请求伪造漏洞 — Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for PhotographersCWE-352 4.3 Medium2023-07-12
CVE-2021-4416 WordPress Plugin wp-mpdf 跨站请求伪造漏洞 — wp-mpdfCWE-352 4.3 Medium2023-07-12
CVE-2021-4413 WordPress Plugin Process Steps Template Designer 跨站请求伪造漏洞 — Process Steps Template DesignerCWE-352 4.3 Medium2023-07-12
CVE-2021-4414 WordPress Plugin Abandoned Cart Lite for WooCommerce 跨站请求伪造漏洞 — Abandoned Cart Lite for WooCommerceCWE-352 4.3 Medium2023-07-12
CVE-2021-4411 WordPress Plugin WP EasyPay – Square for WordPress 跨站请求伪造漏洞 — WP Easy Pay – Payment and Donation form Builder for SquareCWE-352 4.3 Medium2023-07-12
CVE-2021-4412 WordPress Plugin WP Prayer 跨站请求伪造漏洞 — WP PrayerCWE-352 4.3 Medium2023-07-12
CVE-2021-4409 WordPress Plugin WooCommerce Etsy Integration 跨站请求伪造漏洞 — Etsy Integration For WooCommerceCWE-352 4.3 Medium2023-07-12
CVE-2021-4410 WordPress Plugin Qtranslate Slug 跨站请求伪造漏洞 — Qtranslate SlugCWE-352 4.3 Medium2023-07-12
CVE-2021-4407 WordPress Plugin Custom Banners 跨站请求伪造漏洞 — Custom BannersCWE-352 4.3 Medium2023-07-12
CVE-2021-4408 WordPress Plugin DW Question & Answer 跨站请求伪造漏洞 — DW Question & AnswerCWE-352 4.3 Medium2023-07-12
CVE-2020-36750 WordPress Plugin EWWW Image Optimizer 跨站请求伪造漏洞 — EWWW Image OptimizerCWE-352 4.3 Medium2023-07-12
CVE-2023-26563 Syncfusion ej2-filemanager-node-filesystem 路径遍历漏洞 — n/a 9.8 -2023-07-12
CVE-2023-26564 Syncfusion EJ2 ASPCore File Provider 路径遍历漏洞 — n/a 9.1 -2023-07-12
CVE-2023-33274 PowerShield SNMP Web Pro 授权问题漏洞 — n/a 9.8 -2023-07-12
CVE-2023-37629 Online Piggery Management System 代码问题漏洞 — n/a 9.8 -2023-07-12
CVE-2023-37630 Online Piggery Management System 跨站脚本漏洞 — n/a 6.1 -2023-07-12
CVE-2023-3127 Johnson Controls iSTAR Ultra 授权问题漏洞 — iSTAR UltraCWE-287 7.5 High2023-07-11
CVE-2023-34090 Decidim 信息泄露漏洞 — decidimCWE-200 7.5 High2023-07-11
CVE-2022-23447 Fortinet FortiExtender 路径遍历漏洞 — FortiExtenderCWE-22 7.3 High2023-07-11
CVE-2023-3354 QEMU 代码问题漏洞 — qemuCWE-476 7.5 High2023-07-11
CVE-2023-35921 Siemens SIMATIC 安全漏洞 — SIMATIC MV540 HCWE-400 7.5 High2023-07-11
CVE-2023-35920 Siemens SIMATIC 多款产品 安全漏洞 — SIMATIC MV540 HCWE-400 7.5 High2023-07-11
CVE-2022-31810 Siemens SiPass Integrated 缓冲区错误漏洞 — SiPass integratedCWE-20 7.5 High2023-07-11
CVE-2022-29562 Siemens RUGGEDCOM ROX 输入验证错误漏洞 — RUGGEDCOM ROX MX5000CWE-20 3.7 Low2023-07-11

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19009 条 CVE 漏洞。