NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-3053	The UiPress lite \| Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up...	2025-05-15	8.8	NETWORK	HIGH	NVD
CVE-2025-4591	The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'weluka-map' shortcode in all versions up to, and i...	2025-05-15	6.4	NETWORK	MEDIUM	NVD
CVE-2025-4589	The Bon Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bt-map' shortcode in all versions up to, and inclu...	2025-05-15	6.4	NETWORK	MEDIUM	NVD
CVE-2025-4126	The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [series] shortcode in all versions up to, and includi...	2025-05-15	6.4	NETWORK	MEDIUM	NVD
CVE-2025-3917	The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remo...	2025-05-15	9.8	NETWORK	CRITICAL	NVD
CVE-2025-4579	The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive paramete...	2025-05-15	7.2	NETWORK	HIGH	NVD
CVE-2025-47783	Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious s...	2025-05-14	7.6	NETWORK	HIGH	NVD
CVE-2025-46836	net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to a...	2025-05-14	6.6	LOCAL	MEDIUM	NVD
CVE-2025-32421	Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This ...	2025-05-14	3.7	NETWORK	LOW	NVD
CVE-2024-45067	Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18 may allow an authenticated user to potentially enable ...	2025-05-14	8.2	LOCAL	HIGH	NVD
CVE-2025-29691	A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted pay...	2025-05-14	6.1	NETWORK	MEDIUM	NVD
CVE-2025-29690	A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted pay...	2025-05-14	6.1	NETWORK	MEDIUM	NVD
CVE-2025-29689	A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted pay...	2025-05-14	6.1	NETWORK	MEDIUM	NVD
CVE-2025-29688	A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted pay...	2025-05-14	6.1	NETWORK	MEDIUM	NVD
CVE-2025-29686	A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted pay...	2025-05-14	6.1	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.