NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-67599	Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Inc...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67598	Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins SupportCandy supportcandy allows Cross Site Request Forgery.This issue affects SupportC...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67597	Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security ...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67596	Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67595	Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67594	Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Config...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67593	Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a thro...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67592	Missing Authorization vulnerability in Joe Dolson My Calendar my-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67591	Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Pay...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67590	Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate FAQ ultimate-faqs allows Cross Site Request Forgery.This issue affects Ultimate...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67589	Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting ...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67588	Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security ...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67587	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Phishing.This iss...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67586	Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control ...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-67585	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmls® IDX flexmls-idx allows Phishing.This issue affects Flexmls® IDX:...	2025-12-09	4.7	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.