CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting
漏洞标题 CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator...
CVE-2023-28121: WooCommerce Payments – Unauthorized Admin Access
漏洞标题 CVE-2023-28121: WooCommerce Payments - Unauthorized Admin Access 漏洞描述 An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauth...
CVE-2016-1000137: WordPress Hero Maps Pro 2.1.0 – Cross-Site Scripting
漏洞标题 CVE-2016-1000137: WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting 漏洞描述 WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which...
CVE-2022-40879: kkFileView 4.1.0 – Cross-Site Scripting
漏洞标题 CVE-2022-40879: kkFileView 4.1.0 - Cross-Site Scripting 漏洞描述 kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An att...
CVE-2015-9480: WordPress RobotCPA 5 – Directory Traversal
漏洞标题 CVE-2015-9480: WordPress RobotCPA 5 - Directory Traversal 漏洞描述 The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. PoC代码
CVE-2021-24970: WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion
漏洞标题 CVE-2021-24970: WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion 漏洞描述 WordPress All-in-One Video Gallery plugin before 2.5.0 is susceptible to local...
CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution
漏洞标题 CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution 漏洞描述 Programs run on GeoServer before 1.2.2 which use jt-jiffle and allow Jiffle script to be provided via ...
CVE-2025-14611: Gladinet CentreStack & Triofox – Hardcoded Credentials
漏洞标题 CVE-2025-14611: Gladinet CentreStack & Triofox - Hardcoded Credentials 漏洞描述 Gladinet CentreStack and Triofox < 16.12.10420.56791 contain a hardcoded credentials...
CVE-2023-4173: mooSocial 3.1.8 – Reflected XSS
漏洞标题 CVE-2023-4173: mooSocial 3.1.8 - Reflected XSS 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown...
CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected)
漏洞标题 CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected) 漏洞描述 The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape th...
CVE-2022-1392: WordPress Videos sync PDF <=1.7.4 - Local File Inclusion
漏洞标题 CVE-2022-1392: WordPress Videos sync PDF <=1.7.4 - Local File Inclusion 漏洞描述 WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before usin...
CVE-2023-41266: Qlik Sense Enterprise – Path Traversal
漏洞标题 CVE-2023-41266: Qlik Sense Enterprise - Path Traversal 漏洞描述 A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and...
CVE-2020-8194: Citrix ADC and Citrix NetScaler Gateway – Remote Code Injection
漏洞标题 CVE-2020-8194: Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection 漏洞描述 Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attac...
CVE-2020-26214: Alerta < 8.1.0 - Authentication Bypass
漏洞标题 CVE-2020-26214: Alerta < 8.1.0 - Authentication Bypass 漏洞描述 Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization prov...
CVE-2009-1151: PhpMyAdmin Scripts – Remote Code Execution
漏洞标题 CVE-2009-1151: PhpMyAdmin Scripts - Remote Code Execution 漏洞描述 PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execut...
CVE-2024-4898: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation
漏洞标题 CVE-2024-4898: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation 漏洞描述 The InstaWP Connect – 1-click WP Staging & Migration plugin for WordP...
