NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-63077	Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access ...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-63076	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dream-Theme The7 Elements dt-...	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-63075	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in muffingroup Betheme betheme allows DOM-Based XSS...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63074	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dream-Theme The7 dt-the7 allo...	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-63073	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dream-Theme The7 dt-the7 allows DOM-Based XSS.Th...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63072	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in THEMECO Cornerstone cornerstone allows Stored XS...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63071	Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63070	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Shahjada Download Manager download-manager allows Retrieve...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-63069	Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Le...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63068	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in sevenspark Contact Form 7 Dynamic Text Extension contac...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63067	Missing Authorization vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Contro...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-63066	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto Theme - Functionality porto-funct...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63065	Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media Library Assistant media-library-assistant allows Exploiting Inco...	2025-12-09	5.4	NETWORK	MEDIUM	NVD
CVE-2025-63064	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ashanjay EventON eventon allows Stored XSS.This ...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63063	Missing Authorization vulnerability in Yandex Metrika Yandex.Metrica wp-yandex-metrika allows Exploiting Incorrectly Configured Access Control Securit...	2025-12-09	6.5	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.