CVE-2017-18505: BestWebSoft’s Twitter < 2.55 - Cross-Site Scripting
漏洞标题 CVE-2017-18505: BestWebSoft's Twitter < 2.55 - Cross-Site Scripting 漏洞描述 The twitter-plugin plugin before 2.55 for WordPress has XSS. PoC代码
CVE-2022-2546: WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting
漏洞标题 CVE-2022-2546: WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting 漏洞描述 WordPress All-in-One WP Migration plugin 7.62 and prior contains a cross-site sc...
CVE-2023-1119: WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting
漏洞标题 CVE-2023-1119: WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting 漏洞描述 The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin b...
CVE-2022-0873: WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting
漏洞标题 CVE-2022-0873: WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting 漏洞描述 The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise ...
CVE-2024-4399: WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery
漏洞标题 CVE-2024-4399: WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery 漏洞描述 The CAS WordPress theme through version 1.0.0 is vulnerable to Server-Side Request Fo...
CVE-2013-6281: WordPress Spreadsheet – Cross-Site Scripting
漏洞标题 CVE-2013-6281: WordPress Spreadsheet - Cross-Site Scripting 漏洞描述 WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreads...
CVE-2023-39108: rConfig 3.9.4 – Server-Side Request Forgery
漏洞标题 CVE-2023-39108: rConfig 3.9.4 - Server-Side Request Forgery 漏洞描述 rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter...
CVE-2025-3605: WordPress Frontend Login and Registration Blocks Plugin 1.0.7 – Privilege Escalation
漏洞标题 CVE-2025-3605: WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation 漏洞描述 Privilege escalation vulnerability exists in the Frontend Logi...
CVE-2024-41810: Twisted – Open Redirect & XSS
漏洞标题 CVE-2024-41810: Twisted - Open Redirect & XSS 漏洞描述 Twisted is an event-based framework for internet applications, supporting Python 3.6+. The Twisted web framework...
CVE-2021-45027: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion
漏洞标题 CVE-2021-45027: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion 漏洞描述 Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local fil...
CVE-2020-26258: XStream <1.4.15 - Server-Side Request Forgery
漏洞标题 CVE-2020-26258: XStream <1.4.15 - Server-Side Request Forgery 漏洞描述 XStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data...
CVE-2021-36260: Hikvision IP camera/NVR – Remote Command Execution
漏洞标题 CVE-2021-36260: Hikvision IP camera/NVR - Remote Command Execution 漏洞描述 Certain Hikvision products contain a command injection vulnerability in the web server due to t...
CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection
漏洞标题 CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection 漏洞描述 The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPr...
CVE-2023-27640: PrestaShop tshirtecommerce – Directory Traversal
漏洞标题 CVE-2023-27640: PrestaShop tshirtecommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...
CVE-2025-47445: WordPress Eventin (Themewinter) ≤ 4.0.26 – Arbitrary File Download
漏洞标题 CVE-2025-47445: WordPress Eventin (Themewinter) ≤ 4.0.26 - Arbitrary File Download 漏洞描述 Themewinter Eventin contains a path traversal caused by relative path manipula...
CVE-2021-22214: Gitlab CE/EE 10.5 – Server-Side Request Forgery
漏洞标题 CVE-2021-22214: Gitlab CE/EE 10.5 - Server-Side Request Forgery 漏洞描述 GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerab...
