NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14451	The Solutions Ad Manager plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.0.0. This is due to insufficient ...	2025-12-13	4.7	NETWORK	MEDIUM	NVD
CVE-2025-14447	The AnnunciFunebri Impresa plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the annfu_rese...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14446	The Popup Builder (Easy Notify Lite) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ...	2025-12-13	6.5	NETWORK	MEDIUM	NVD
CVE-2025-14440	The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrec...	2025-12-13	9.8	NETWORK	CRITICAL	NVD
CVE-2025-14397	The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on ...	2025-12-13	8.8	NETWORK	HIGH	NVD
CVE-2025-14395	The Popover Windows plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple ajax actions...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14394	The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. This is due to missing or ...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14378	The Quick Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1 ...	2025-12-13	4.4	NETWORK	MEDIUM	NVD
CVE-2025-14367	The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing a...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14366	The Eyewear prescription form plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.0.1. This is due to ...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14365	The Eyewear prescription form plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.0.1. This is due to ...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14288	The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery plugin for WordPress is ...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14278	The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slide_title' parameter in all versions up to, a...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-14056	The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'label' parameter during custom post type import in ...	2025-12-13	4.4	NETWORK	MEDIUM	NVD
CVE-2025-14050	The Design Import/Export plugin for WordPress is vulnerable to SQL Injection via XML File Import in all versions up to, and including, 2.2 due to insu...	2025-12-13	4.9	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.