NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2025-46499 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder PayPal Express Checkout allows Stored XS... 2025-04-24 7.1 NETWORK HIGH NVD
CVE-2025-46498 Cross-Site Request Forgery (CSRF) vulnerability in nghialuu Zalo Official Live Chat allows Cross Site Request Forgery. This issue affects Zalo Officia... 2025-04-24 5.4 NETWORK MEDIUM NVD
CVE-2025-46497 Cross-Site Request Forgery (CSRF) vulnerability in Navegg Navegg Analytics allows Stored XSS. This issue affects Navegg Analytics: from n/a through 3.... 2025-04-24 7.1 NETWORK HIGH NVD
CVE-2025-46496 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oniswap Mini twitter feed allows Stored XSS. Thi... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46495 Cross-Site Request Forgery (CSRF) vulnerability in tomontoast Drop Caps allows Stored XSS. This issue affects Drop Caps: from n/a through 2.1. 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46492 Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a thro... 2025-04-24 7.1 NETWORK HIGH NVD
CVE-2025-46491 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Muro Multi-Column Taxonomy List allows S... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46489 Missing Authorization vulnerability in vinodvaswani9 Bulk Assign Linked Products For WooCommerce allows Accessing Functionality Not Properly Constrain... 2025-04-24 5.3 NETWORK MEDIUM NVD
CVE-2025-46485 Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page allows Accessing Functionality Not Properly Constrained by ACLs. This iss... 2025-04-24 5.3 NETWORK MEDIUM NVD
CVE-2025-46484 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasir179125 Image Hover Effects For WPBakery Pag... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46483 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Moss Peadig’s Google +1 Button allows DOM-B... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46481 Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer allows Object Injection. This issue affects Flickr Shortco... 2025-04-24 7.2 NETWORK HIGH NVD
CVE-2025-46480 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Padam Shankhadev Nepali Post Date allows Stored ... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46479 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevynCJohnson BBCode Deluxe allows DOM-Based XSS... 2025-04-24 6.5 NETWORK MEDIUM NVD
CVE-2025-46478 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaloha Dropdown Content allows Stored XSS. Thi... 2025-04-24 7.1 NETWORK HIGH NVD