漏洞标题 CVE-2025-47539: Eventin <= 4.0.26 - Privilege Escalation 漏洞描述 The Eventin WordPress plugin before 4.0.27 suffers from an unauthenticated privilege escalation vulner...

漏洞标题 CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion 漏洞描述 The HUSKY – Products Filter Professiona...

漏洞标题 CVE-2025-1098: Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations 漏洞描述 A security issue was discovered in ingress-nginx https-//gith...

漏洞标题 CVE-2025-32430: XWiki Platform - Cross-Site Scripting 漏洞描述 XWiki Platform versions >= 4.2-milestone-3 and < 16.4.8, >= 16.5.0-rc-1 and < 16.10.6, and >=...

漏洞标题 CVE-2025-53770: Microsoft SharePoint Server - Remote Code Execution (ToolShell) 漏洞描述 Deserialization of untrusted data in on-premises Microsoft SharePoint Server allow...

漏洞标题 CVE-2025-51586: PrestaShop - Information Disclosure 漏洞描述 User enumeration vulnerability in the AdminLogin controller in PrestaShop 1.7 through 8.2.2 allows remote atta...

漏洞标题 CVE-2025-1023: ChurchCRM - SQL Injection 漏洞描述 A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiti...

漏洞标题 CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected) 漏洞描述 The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape th...

漏洞标题 CVE-2025-4388: Liferay Portal - Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Lifer...

漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...

漏洞标题 CVE-2025-2746: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0011) 漏洞描述 Before Kentico Xperience 13 Hotfix 173, this vulnerability can be e...

漏洞标题 CVE-2025-14611: Gladinet CentreStack & Triofox - Hardcoded Credentials 漏洞描述 Gladinet CentreStack and Triofox < 16.12.10420.56791 contain a hardcoded credentials...

漏洞标题 CVE-2025-25291: GitLab - SAML Authentication Bypass 漏洞描述 ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication ...

漏洞标题 CVE-2025-1035: KLog Server - Path Traversal 漏洞描述 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Tech...

漏洞标题 CVE-2025-55161: Stirling-PDF SSRF via Markdown 漏洞描述 Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1....

漏洞标题 CVE-2025-34291: Langflow AI <= 1.6.9 - CORS Misconfiguration 漏洞描述 Langflow AI versions 1.6.9 and earlier are vulnerable to a CORS misconfiguration that allows any o...