NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-67522	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster noo-jobmo...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67521	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Select Core sel...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67520	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tiny Solutions Media Library Tools media-library...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67519	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67518	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Accordion Slider PRO accordion_slid...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67517	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in artplacer ArtPlacer Widget artplacer-widget allo...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67516	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agile Logix Store Locator WordPress agile-store-...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67515	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wilmër wilmer a...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67504	WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand()...	2025-12-09	9.1	NETWORK	CRITICAL	NVD
CVE-2025-67487	Static Web Server (SWS) is a production-ready web server suitable for static web files or assets. Versions 2.40.0 and below contain symbolic links (sy...	2025-12-09	8.6	NETWORK	HIGH	NVD
CVE-2025-67474	Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This is...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67473	Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Co...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-67472	Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-67471	Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form quick-contact-form allows Cross Site Request Forgery.This issue affec...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-67470	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Essential Plugin Portfolio and Projects portfolio-and-proj...	2025-12-09	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.