NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14159	The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and inc...	2025-12-12	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14065	The Simple Bike Rental plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'simpbire_carica_pre...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14030	The AI Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'aife_post_meta' shortcode in all versions up to, and including...	2025-12-12	6.4	NETWORK	MEDIUM	NVD
CVE-2025-12965	The Magical Posts Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mpac_title_tag' parameter in the Magical Posts Ac...	2025-12-12	6.4	NETWORK	MEDIUM	NVD
CVE-2025-12408	The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and incl...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-12407	The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, an...	2025-12-12	4.3	NETWORK	MEDIUM	NVD
CVE-2025-12841	The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment opti...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-12835	The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files, which could allow any authenticated users, such as su...	2025-12-12	7.3	NETWORK	HIGH	NVD
CVE-2025-58137	Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is f...	2025-12-12	8.1	NETWORK	HIGH	NVD
CVE-2025-58130	Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in vers...	2025-12-12	9.1	NETWORK	CRITICAL	NVD
CVE-2025-26866	A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enf...	2025-12-12	8.8	NETWORK	HIGH	NVD
CVE-2025-23408	Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0...	2025-12-12	8.5	NETWORK	HIGH	NVD
CVE-2025-14074	The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capab...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-13993	The MailerLite – Signup forms (official) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_description' and 'success_mes...	2025-12-12	5.5	NETWORK	MEDIUM	NVD
CVE-2025-12348	The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress is vulnerable to Missing Authorization in versions ...	2025-12-12	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.