漏洞标题 CVE-2022-1390: WordPress Admin Word Count Column 2.2 - Local File Inclusion 漏洞描述 The plugin does not validate the path parameter given to readfile(), which could allow...

漏洞标题 CVE-2024-41667: OpenAM<=15.0.3 FreeMarker - Template Injection 漏洞描述 OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginU...

漏洞标题 CVE-2007-5728: phpPgAdmin <=4.1.1 - Cross-Site Scripting 漏洞描述 phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote a...

漏洞标题 CVE-2020-12832: WordPress Simple File List - Path Traversal 漏洞描述 Simple File List plugin allows path traversal via file upload, enabling files to be written outside th...

漏洞标题 CVE-2021-41460: ECShop 4.1.0 - SQL Injection 漏洞描述 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. Po...

漏洞标题 CVE-2014-4536: Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in tests/notAuto_test_ContactServ...

漏洞标题 CVE-2022-2486: Wavlink WN535K2/WN535K3 - OS Command Injection 漏洞描述 Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection in an unknown part of th...

漏洞标题 CVE-2016-10960: WordPress wSecure Lite < 2.4 - Remote Code Execution 漏洞描述 WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell meta...

漏洞标题 CVE-2021-46069: Vehicle Service Management System 1.0 - Stored Cross Site Scripting 漏洞描述 Vehicle Service Management System 1.0 contains a stored cross-site scripting v...

漏洞标题 CVE-2022-0693: WordPress Master Elements <=8.0 - SQL Injection 漏洞描述 WordPress Master Elements plugin through 8.0 contains a SQL injection vulnerability. The plugin ...

漏洞标题 CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting 漏洞描述 WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which...

漏洞标题 CVE-2018-11709: WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting 漏洞描述 WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflec...

漏洞标题 CVE-2021-23241: MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion 漏洞描述 MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in co...

漏洞标题 CVE-2021-3287: Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution 漏洞描述 Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caus...

漏洞标题 CVE-2023-49489: KodeExplorer 4.51 - Reflective Cross Site Scripting (XSS) 漏洞描述 Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows ...

漏洞标题 CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File 漏洞描述 The Featured Image from URL (FIFU) plugin for WordPr...