漏洞标题 CVE-2022-3805: Jeg Elementor Kit < 2.5.7 - Unauthenticated Settings Update 漏洞描述 The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in ...

漏洞标题 CVE-2022-0412: WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection 漏洞描述 WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulner...

漏洞标题 CVE-2023-7028: GitLab - Account Takeover via Password Reset 漏洞描述 An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 pr...

漏洞标题 CVE-2021-24510: WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting 漏洞描述 WordPress MF Gig Calendar plugin 1.1 and prior contains a reflected cross-site scripting...

漏洞标题 CVE-2021-46381: D-Link DAP-1620 - Local File Inclusion 漏洞描述 D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized ...

漏洞标题 CVE-2021-25111: WordPress English Admin <1.5.2 - Open Redirect 漏洞描述 WordPress English Admin plugin before 1.5.2 contains an open redirect vulnerability. The plugin ...

漏洞标题 CVE-2017-7921: Hikvision - Authentication Bypass 漏洞描述 Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 1407...

漏洞标题 CVE-2022-0653: Wordpress Profile Builder Plugin Cross-Site Scripting 漏洞描述 The Profile Builder User Profile & User Registration Forms WordPress plugin is vulnerable...

漏洞标题 CVE-2022-3578: WordPress ProfileGrid <5.1.1 - Cross-Site Scripting 漏洞描述 WordPress ProfileGrid plugin prior to 5.1.1 contains a cross-site scripting vulnerability. T...

漏洞标题 CVE-2013-2248: Apache Struts - Multiple Open Redirection Vulnerabilities 漏洞描述 Apache Struts is prone to multiple open-redirection vulnerabilities because the applicati...

漏洞标题 CVE-2014-4536: Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in tests/notAuto_test_ContactServ...

漏洞标题 CVE-2010-1308: Joomla! Component SVMap 1.1.1 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allow...

漏洞标题 CVE-2021-24295: Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection 漏洞描述 It was possible to exploit an Unauthenticated ...

漏洞标题 confluence 远程代码执行漏洞(CVE-2019-3396) 漏洞描述 Confluence是一个专业的企业知识管理与协同软件，常用于构建企业wiki。它强大的编辑和站点管理特征能够帮助团队成员之间共享信...

前言： 今天分享的这个漏洞是在某项目中挖到的，当时这个漏洞点很多师傅也发现了，也在弄，只是我误打误撞先一步把数据包构造出来拿到了数据，最后拿到了赏金。所以感觉这洞的数据包构造还是有...

漏洞标题 CVE-2024-39646: WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS 漏洞描述 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripti...