NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-13092	The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable to unauthorized access of data due to a missing capa...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-13089	The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hide_fields' and the 'attr_search' parameter in all versions up to, ...	2025-12-13	7.5	NETWORK	HIGH	NVD
CVE-2025-13077	The افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'col...	2025-12-13	7.5	NETWORK	HIGH	NVD
CVE-2025-12512	The GenerateBlocks plugin for WordPress is vulnerable to information exposure due to missing object-level authorization checks in versions up to, and ...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-12362	The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-12109	The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the script...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-12077	The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and includ...	2025-12-13	6.1	NETWORK	MEDIUM	NVD
CVE-2025-12076	The Social Media Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage parameter in all versions up to, an...	2025-12-13	6.1	NETWORK	MEDIUM	NVD
CVE-2025-11970	The Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking \| SEO Optimized \| Fully Automated plugin for WordPress is vulnerable...	2025-12-13	4.4	NETWORK	MEDIUM	NVD
CVE-2025-11707	The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unbl...	2025-12-13	5.3	NETWORK	MEDIUM	NVD
CVE-2025-11693	The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3...	2025-12-13	9.8	NETWORK	CRITICAL	NVD
CVE-2025-11376	The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_loop' shortcode in all versions u...	2025-12-13	6.4	NETWORK	MEDIUM	NVD
CVE-2025-11164	The Mavix Education theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mavix_education_a...	2025-12-13	4.3	NETWORK	MEDIUM	NVD
CVE-2025-10738	The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘analytic_id’ parameter in all versions up to, and ...	2025-12-13	9.8	NETWORK	CRITICAL	NVD
CVE-2025-10289	The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to i...	2025-12-13	5.9	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.