漏洞标题 CVE-2022-24181: PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting 漏洞描述 PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability whic...

漏洞标题 CVE-2023-2518: WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting 漏洞描述 The Easy Forms for Mailchimp plugin before version 6.8.9 contains a ref...

漏洞标题 CVE-2020-5776: MAGMI - Cross-Site Request Forgery 漏洞描述 MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. R...

漏洞标题 CVE-2020-17463: Fuel CMS 1.4.7 - SQL Injection 漏洞描述 FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...

漏洞标题 CVE-2021-20792: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting 漏洞描述 WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site s...

漏洞标题 CVE-2021-22122: FortiWeb - Cross Site Scripting 漏洞描述 FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerabili...

漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...

漏洞标题 CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection 漏洞描述 Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET p...

漏洞标题 CVE-2019-2767: Oracle Business Intelligence Publisher - XML External Entity Injection 漏洞描述 Oracle Business Intelligence Publisher is vulnerable to an XML external enti...

漏洞标题 CVE-2021-24342: WordPress JNews Theme <8.0.6 - Cross-Site Scripting 漏洞描述 WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability....

漏洞标题 CVE-2025-52665: UniFi Access - Broken Access Control 漏洞描述 UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration ex...

漏洞标题 CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection 漏洞描述 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1...

漏洞标题 CVE-2021-41467: JustWriting - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allo...

漏洞标题 CVE-2010-1476: Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) com...

漏洞标题 CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting 漏洞描述 WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting...

漏洞标题 CVE-2021-42887: TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass 漏洞描述 TOTOLINK EX1200T 4.1.2cu.5215 is susceptible to authentication bypass. An attacker can bypas...