NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-63062	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AndonDesign UDesign Core u-de...	2025-12-09	7.6	NETWORK	HIGH	NVD
CVE-2025-63061	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hogash Kallyas kallyas allows DOM-Based XSS.This...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63060	Cross-Site Request Forgery (CSRF) vulnerability in hogash Kallyas kallyas.This issue affects Kallyas: from n/a through <= 4.2.	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-63059	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arscode Ninja Popups arscode-ninja-popups allows...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63058	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-templ...	2025-12-09	4.4	LOCAL	MEDIUM	NVD
CVE-2025-63057	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review all...	2025-12-09	8.2	NETWORK	HIGH	NVD
CVE-2025-63056	Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Con...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-63055	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63054	Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Con...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63052	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GalleryCreator SimpLy Gallery simply-gallery-blo...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63050	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sizam REHub Framework rehub-framework allows Sto...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63049	Missing Authorization vulnerability in CridioStudio ListingPro Lead Form listingpro-lead-form allows Accessing Functionality Not Properly Constrained ...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63048	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro Lead Form listingpro-lea...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63047	Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-63046	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro listingpro-plugin allows...	2025-12-09	6.5	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.