NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-63003	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North - Required P...	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-62999	Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This...	2025-12-09	5.4	NETWORK	MEDIUM	NVD
CVE-2025-62997	Insertion of Sensitive Information Into Sent Data vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Retrieve Embedded Sensitive Dat...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-62996	Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configure...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62995	Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Inco...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62994	Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62993	Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access ...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62873	Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request F...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62872	Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fetcher facebook-photo-fetcher allows Cross Site Request Forgery.This issue affects...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62871	Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just TinyMCE Custom Styles just-tinymce-styles allows Cross Site Reques...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62870	Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured A...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-62869	Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notific...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62867	Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Le...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62866	Cross-Site Request Forgery (CSRF) vulnerability in Valerio Monti Auto Alt Text auto-alt-text allows Cross Site Request Forgery.This issue affects Auto...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62865	Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.Thi...	2025-12-09	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.