NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14636	A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results i...	2025-12-13	3.7	NETWORK	LOW	NVD
CVE-2025-14623	A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/upda...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14622	A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/sa...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14621	A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. T...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-9873	The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient inp...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-9856	The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-9488	The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data’ parameter in all versions up to, and including, 4...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-9218	The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to Information Disclosure due to missing authorization in the ...	2025-12-13	3.7	NETWORK	LOW	NVD
CVE-2025-9207	The TI WooCommerce Wishlist plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 2.10.0. This is due to the plug...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-9116	The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an at...	2025-12-13	5.8	NETWORK	MEDIUM	NVD
CVE-2025-8780	The Livemesh SiteOrigin Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Hero Header and Pricing Table widge...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-8779	The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team and Countdown ...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-8687	The Enter Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown and Image Comparison widgets in all vers...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-8617	The YITH WooCommerce Quick View plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yith_quick_view shortcode in all ve...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-8199	The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to,...	2025-12-13	6.4	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.