漏洞平台

漏洞ID	漏洞标题	风险等级	分配者	发布日期
CVE-2025-28866	WordPress Login Logger plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:36
CVE-2025-28863	WordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:35
CVE-2025-28864	WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:35
CVE-2025-28862	WordPress Comment Date and Gravatar remover plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:34
CVE-2025-28861	WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability	高危	Patchstack	2025-03-11 21:00:33
CVE-2025-28859	WordPress Maintenance Notice plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:32
CVE-2025-28860	WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability	高危	Patchstack	2025-03-11 21:00:32
CVE-2025-28857	WordPress Rankchecker.io Integration plugin <= 1.0.9 - CSRF to Stored Cross Site Scripting (XSS) vulnerability	高危	Patchstack	2025-03-11 21:00:31
CVE-2025-28856	WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability	中危	Patchstack	2025-03-11 21:00:30
CVE-2025-0900	PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	N/A	zdi	2025-03-11 20:45:11
CVE-2025-2023	Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:43:18
CVE-2025-2022	Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:43:15
CVE-2025-2021	Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:43:10
CVE-2025-2020	Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:43:06
CVE-2025-2019	Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:43:02
CVE-2025-2018	Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:42:56
CVE-2025-2017	Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:42:52
CVE-2025-2016	Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:42:47
CVE-2025-2015	Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:42:43
CVE-2025-2014	Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability	N/A	zdi	2025-03-11 20:42:39

CVE-2025-28866

WordPress Login Logger plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:36

CVE-2025-28863

WordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:35

CVE-2025-28864

WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:35

CVE-2025-28862

WordPress Comment Date and Gravatar remover plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:34

CVE-2025-28861

WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability

高危

Patchstack

2025-03-11 21:00:33

CVE-2025-28859

WordPress Maintenance Notice plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:32

CVE-2025-28860

WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability

高危

Patchstack

2025-03-11 21:00:32

CVE-2025-28857

WordPress Rankchecker.io Integration plugin <= 1.0.9 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

高危

Patchstack

2025-03-11 21:00:31

CVE-2025-28856

WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability

中危

Patchstack

2025-03-11 21:00:30

CVE-2025-0900

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

N/A

zdi

2025-03-11 20:45:11

CVE-2025-2023

Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:43:18

CVE-2025-2022

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:43:15

CVE-2025-2021

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:43:10

CVE-2025-2020

Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:43:06

CVE-2025-2019

Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:43:02

CVE-2025-2018

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:42:56

CVE-2025-2017

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:42:52

CVE-2025-2016

Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:42:47

CVE-2025-2015

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:42:43

CVE-2025-2014

Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability

N/A

zdi

2025-03-11 20:42:39

漏洞列表