NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-8199	The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to,...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-8195	The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Comparison and Subscribe widgets...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-7960	The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, a...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-7058	The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and includi...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-36754	The authentication mechanism on web interface is not properly implemented. It is possible to bypass authentication checks by crafting a post request w...	2025-12-13	9.3	LOCAL	CRITICAL	NVD
CVE-2025-36753	The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the dev...	2025-12-13	8.6	PHYSICAL	HIGH	NVD
CVE-2025-36752	Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the ...	2025-12-13	9.4	ADJACENT	CRITICAL	NVD
CVE-2025-36751	Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X. This allows an attacker with access to the network to in...	2025-12-13	9.4	ADJACENT	CRITICAL	NVD
CVE-2025-36750	ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed on the plant managemen...	2025-12-13	8.5	NETWORK	HIGH	NVD
CVE-2025-36748	ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration web server. The JavaScript code snippet can be insert...	2025-12-13	8.4	NETWORK	HIGH	NVD
CVE-2025-36747	ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection wit...	2025-12-13	9.4	ADJACENT	CRITICAL	NVD
CVE-2025-14620	A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14619	A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file ...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14617	A vulnerability has been found in Jehovahs Witnesses JW Library App up to 15.5.1 on Android. Affected is an unknown function of the component org.jw.j...	2025-12-13	5.3	LOCAL	MEDIUM	NVD
CVE-2025-14607	A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata...	2025-12-13	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.