NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14586	A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi...	2025-12-13	6.3	NETWORK	MEDIUM	NVD
CVE-2025-14581	The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submit...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14542	The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may ini...	2025-12-13	7.5	NETWORK	HIGH	NVD
CVE-2025-14540	The Userback plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the userback_get_json function in ...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14539	The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to t...	2025-12-13	5.4	NETWORK	MEDIUM	NVD
CVE-2025-14508	The MediaCommander – Bring Folders to Media, Posts, and Pages plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capabi...	2025-12-13	6.5	NETWORK	MEDIUM	NVD
CVE-2025-14477	The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the u...	2025-12-13	4.9	NETWORK	MEDIUM	NVD
CVE-2025-14476	The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1....	2025-12-13	8.8	NETWORK	HIGH	NVD
CVE-2025-14475	The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9...	2025-12-13	8.1	NETWORK	HIGH	NVD
CVE-2025-14462	The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to mis...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14454	The Image Slider by Ays- Responsive Slider and Carousel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and in...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-14451	The Solutions Ad Manager plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.0.0. This is due to insufficient ...	2025-12-13	4.7	NETWORK	MEDIUM	NVD
CVE-2025-14447	The AnnunciFunebri Impresa plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the annfu_rese...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14446	The Popup Builder (Easy Notify Lite) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ...	2025-12-13	6.5	NETWORK	MEDIUM	NVD
CVE-2025-14440	The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrec...	2025-12-13	9.8	NETWORK	CRITICAL	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.