NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-0072	Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged us...	2025-05-02	N/A	None	None	NVD
CVE-2025-2812	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allow...	2025-05-02	9.8	NETWORK	CRITICAL	NVD
CVE-2024-11142	Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery.This issue affects Proticar...	2025-05-02	5.4	NETWORK	MEDIUM	NVD
CVE-2024-13860	The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in all versions up to, an...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2024-13859	The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in all versions...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2024-13858	The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and i...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2025-47201	In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code in HTML, aka XSS.	2025-05-02	4.4	NETWORK	MEDIUM	NVD
CVE-2025-3514	The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as ad...	2025-05-02	3.5	NETWORK	LOW	NVD
CVE-2025-3513	The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as ad...	2025-05-02	3.5	NETWORK	LOW	NVD
CVE-2025-3488	The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpml_language_switcher shortcode in versions 3.6.0 - 4.7.3...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2025-3438	The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up t...	2025-05-02	6.5	NETWORK	MEDIUM	NVD
CVE-2025-3858	The Formality plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 1.5.8 ...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2025-3748	The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pn_chain_menu shortcode in all versions up ...	2025-05-02	6.4	NETWORK	MEDIUM	NVD
CVE-2025-3709	Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerabilit...	2025-05-02	9.8	NETWORK	CRITICAL	NVD
CVE-2025-3708	Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrar...	2025-05-02	9.8	NETWORK	CRITICAL	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.