漏洞标题 CVE-2019-14470: WordPress UserPro 4.9.32 - Cross-Site Scripting 漏洞描述 WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP...

漏洞标题 CVE-2021-29622: Prometheus - Open Redirect 漏洞描述 Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to...

漏洞标题 CVE-2023-42343: OpenCMS - Cross-Site Scripting 漏洞描述 OpenCMS below 10.5.1 is vulnerable to Cross-Site Scripting vulnerability. PoC代码

漏洞标题 CVE-2024-1061: WordPress HTML5 Video Player - SQL Injection 漏洞描述 WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can ex...

漏洞标题 CVE-2017-20192: Formidable Forms < 2.05.02 - Cross-Site Scripting 漏洞描述 Formidable Form Builder for WordPress versions before 2.05.03 contains a stored cross-site sc...

漏洞标题 CVE-2020-36728: WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload 漏洞描述 The Adning Advertising plugin for WordPress versions below 1.5.6 is vulnera...

漏洞标题 CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution 漏洞描述 The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to s...

漏洞标题 CVE-2022-29081: Zoho ManageEngine - Access Control Bypass 漏洞描述 Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before ...

漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...

漏洞标题 CVE-2020-15906: Tiki Wiki CMS GroupWare - Authentication Bypass 漏洞描述 tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login...

漏洞标题 CVE-2021-24291: WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting 漏洞描述 WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflect...

漏洞标题 CVE-2017-9965: Schneider Electric Pelco VideoXpert Enterprise 2.0 - Path Traversal 漏洞描述 Schneider Electric Pelco VideoXpert Enterprise versions 2.0 and prior contain a...

漏洞标题 CVE-2023-23333: SolarView Compact 6.00 - OS Command Injection 漏洞描述 SolarView Compact 6.00 was discovered to contain a command injection vulnerability, attackers can ex...

漏洞标题 CVE-2022-3477: WordPress tagDiv Composer < 3.5 - Authentication Bypass 漏洞描述 The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress the...

漏洞标题 CVE-2022-4325: WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting 漏洞描述 WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-sit...

漏洞标题 CVE-2021-24862: WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection 漏洞描述 WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated ...