NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-3101	The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the...	2025-04-24	8.8	NETWORK	HIGH	NVD
CVE-2025-3065	The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and...	2025-04-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-3058	The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capa...	2025-04-24	8.8	NETWORK	HIGH	NVD
CVE-2025-2579	The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due t...	2025-04-24	6.4	NETWORK	MEDIUM	NVD
CVE-2025-2543	The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, a...	2025-04-24	6.4	NETWORK	MEDIUM	NVD
CVE-2025-1284	The Woocommerce Automatic Order Printing \| ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Ref...	2025-04-24	4.3	NETWORK	MEDIUM	NVD
CVE-2024-13307	The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capabilit...	2025-04-24	5.3	NETWORK	MEDIUM	NVD
CVE-2025-1908	An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account tak...	2025-04-24	7.7	NETWORK	HIGH	NVD
CVE-2025-0639	An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 be...	2025-04-24	6.5	NETWORK	MEDIUM	NVD
CVE-2024-12244	An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabl...	2025-04-24	4.3	NETWORK	MEDIUM	NVD
CVE-2025-41423	Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate permissions for the API endpoint /plugins/playbook...	2025-04-24	3.1	NETWORK	LOW	NVD
CVE-2025-41395	Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate the props used by the RetrospectivePost custom pos...	2025-04-24	6.5	NETWORK	MEDIUM	NVD
CVE-2025-3761	The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. T...	2025-04-24	8.8	NETWORK	HIGH	NVD
CVE-2025-35965	Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the uniqueness and quantity of task actions within the Upda...	2025-04-24	6.5	NETWORK	MEDIUM	NVD
CVE-2025-32730	Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and ...	2025-04-24	6.8	LOCAL	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.