NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-46260	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor allows Stored X...	2025-04-24	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46248	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in M A Vinoth Kumar Frontend Dashboard allows SQL I...	2025-04-24	9.3	NETWORK	CRITICAL	NVD
CVE-2025-46234	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Razib Control Listings allows Ref...	2025-04-24	7.1	NETWORK	HIGH	NVD
CVE-2025-46230	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GhozyLab Popup Builder allows...	2025-04-24	7.5	NETWORK	HIGH	NVD
CVE-2025-39408	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress BruteGuard – Brute Force Login Protect...	2025-04-24	7.1	NETWORK	HIGH	NVD
CVE-2025-39404	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share allows Phishing. This issue affects Sassy Soci...	2025-04-24	4.7	NETWORK	MEDIUM	NVD
CVE-2025-39400	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Reflected XSS...	2025-04-24	7.1	NETWORK	HIGH	NVD
CVE-2025-39399	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License...	2025-04-24	7.5	NETWORK	HIGH	NVD
CVE-2025-39397	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup allows Refle...	2025-04-24	7.1	NETWORK	HIGH	NVD
CVE-2025-39391	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zamartz Checkout Field Visibi...	2025-04-24	7.5	NETWORK	HIGH	NVD
CVE-2025-39390	Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Accessing Functionality Not Properly Constrained by ACLs. This...	2025-04-24	5.3	NETWORK	MEDIUM	NVD
CVE-2025-39387	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPoperation Opstore allows PH...	2025-04-24	7.5	NETWORK	HIGH	NVD
CVE-2025-39385	Missing Authorization vulnerability in VW Themes Sirat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sir...	2025-04-24	4.3	NETWORK	MEDIUM	NVD
CVE-2025-39384	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cedcommerce Product Lister fo...	2025-04-24	7.5	NETWORK	HIGH	NVD
CVE-2025-39383	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code Work Web Xews Lite allow...	2025-04-24	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.