NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14590	A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.p...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14589	A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php...	2025-12-13	6.3	NETWORK	MEDIUM	NVD
CVE-2025-14588	A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14587	A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This affects an unknown part of the file /pet1/available.php. Su...	2025-12-13	7.3	NETWORK	HIGH	NVD
CVE-2025-14586	A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi...	2025-12-13	6.3	NETWORK	MEDIUM	NVD
CVE-2025-14581	The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submit...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14542	The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may ini...	2025-12-13	7.5	NETWORK	HIGH	NVD
CVE-2025-14540	The Userback plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the userback_get_json function in ...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14539	The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to t...	2025-12-13	5.4	NETWORK	MEDIUM	NVD
CVE-2025-14508	The MediaCommander – Bring Folders to Media, Posts, and Pages plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capabi...	2025-12-13	6.5	NETWORK	MEDIUM	NVD
CVE-2025-14477	The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the u...	2025-12-13	4.9	NETWORK	MEDIUM	NVD
CVE-2025-14476	The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1....	2025-12-13	8.8	NETWORK	HIGH	NVD
CVE-2025-14475	The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9...	2025-12-13	8.1	NETWORK	HIGH	NVD
CVE-2025-14462	The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to mis...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14454	The Image Slider by Ays- Responsive Slider and Carousel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and in...	2025-12-13	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.