漏洞标题 CVE-2024-8673: Z-Downloads < 1.11.7 - Cross-Site Scripting 漏洞描述 The plugin does not properly validate uploaded files allowing for the uploading of SVGs containing m...

漏洞标题 CVE-2018-1000861: Jenkins - Remote Command Injection 漏洞描述 Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapl...

漏洞标题 CVE-2021-36888: WordPress Image Hover Ultimate - Unauthenticated Settings Update 漏洞描述 Unauthenticated Arbitrary Options Update vulnerability leading to full website co...

漏洞标题 CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload 漏洞描述 WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload...

漏洞标题 CVE-2019-6703: Total Donations Plugin for WordPress < 2.0.6 - Arbitrary Options Update 漏洞描述 Incorrect access control in migla_ajax_functions.php in the Calmar Webme...

漏洞标题 CVE-2017-18542: Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting 漏洞描述 The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS is...

漏洞标题 CVE-2018-20062: ThinkPHP 5.0.23 - Remote Code Execution 漏洞描述 An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute...

漏洞标题 CVE-2021-24278: WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation 漏洞描述 WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use ...

漏洞标题 Apache OFBiz /viewdatafile 代码执行漏洞（CVE-2024-45195） 漏洞描述 Apache OFBiz是一个开源企业资源规划（ERP）系统。它提供了一套企业应用程序，集成并自动化企业的许多业务流程...

漏洞标题 CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution 漏洞描述 WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The pl...

漏洞标题 CVE-2018-10942: Prestashop AttributeWizardPro Module - Arbitrary File Upload 漏洞描述 In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute...

漏洞标题 CVE-2024-38472: Apache HTTPd Windows UNC - Server-Side Request Forgery 漏洞描述 SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious...

漏洞标题 CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect 漏洞描述 WordPress versions before 4.8.2 contain an open redirect caused by improper validation in wp-ad...

漏洞标题 CVE-2025-48954: Discourse OAuth Social Login - Cross-site Scripting 漏洞描述 Discourse versions prior to 3.5.0.beta6 contain a stored Cross-Site Scripting (XSS) vulnerabil...

漏洞标题 CVE-2019-16920: D-Link Routers - Remote Code Execution 漏洞描述 D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code ex...

漏洞标题 CVE-2023-43654: PyTorch TorchServe SSRF 漏洞描述 TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper i...