CVE-2023-39598: IceWarp Email Client – Cross Site Scripting
漏洞标题 CVE-2023-39598: IceWarp Email Client - Cross Site Scripting 漏洞描述 Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker ...
CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
漏洞标题 CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE 漏洞描述 The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attacke...
CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting
漏洞标题 CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting 漏洞描述 WordPress Ninja Forms plugin before 3.3.18 contains a cross-site scripting vulnerability. ...
CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
漏洞标题 CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page) 漏洞描述 The Defender Security WordPress plugin before 4.1.0 does not prevent redirects...
CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure
漏洞标题 CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure 漏洞描述 mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to...
CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure
漏洞标题 CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure 漏洞描述 WordPress Guppy plugin through 1.1 is susceptible to an API disclosure vulnerability. This can a...
CVE-2023-34020: Uncanny Toolkit for LearnDash – Open Redirection
漏洞标题 CVE-2023-34020: Uncanny Toolkit for LearnDash - Open Redirection 漏洞描述 A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to...
CVE-2022-4306: WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting
漏洞标题 CVE-2022-4306: WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting 漏洞描述 WordPress Panda Pods Repeater Field before 1.5.4 contains a cross-site scripti...
CVE-2024-12824: Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change
漏洞标题 CVE-2024-12824: Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change 漏洞描述 The Nokri – Job Board WordPress Theme theme for WordPr...
CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection
漏洞标题 CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection 漏洞描述 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1...
(CVE-2020-5410) Spring Cloud Config 目录遍历漏洞
漏洞标题 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 漏洞描述 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 PoC代码 暂无
CVE-2021-24849: WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection
漏洞标题 CVE-2021-24849: WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection 漏洞描述 The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin...
CVE-2019-8943: WordPress Core 5.0.0 – Crop-image Shell Upload
漏洞标题 CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload 漏洞描述 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to...
CVE-2018-16139: BIBLIOsoft BIBLIOpac 2008 – Cross-Site Scripting
漏洞标题 CVE-2018-16139: BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting 漏洞描述 BIBLIOsoft BIBLIOpac 2008 contains a cross-site scripting vulnerability via the db or action para...
CVE-2018-16836: Rubedo CMS <=3.4.0 - Directory Traversal
漏洞标题 CVE-2018-16836: Rubedo CMS <=3.4.0 - Directory Traversal 漏洞描述 Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing...
CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection
漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...
