NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-62109	Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data....	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-62103	Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Media Library File Download media-download allows Cross Site Request Forgery.This i...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62102	Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issu...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-62100	Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-62093	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Image&Video FullScreen Background l...	2025-12-09	8.5	NETWORK	HIGH	NVD
CVE-2025-62090	Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiti...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-62086	Missing Authorization vulnerability in akazanstev Яндекс Доставка (Boxberry) boxberry allows Exploiting Incorrectly Configured Access Control Security...	2025-12-09	5.4	NETWORK	MEDIUM	NVD
CVE-2025-62085	Missing Authorization vulnerability in berthaai BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This ...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-62082	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Uddin Generic Elements generic-elements-fo...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-61075	Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users t...	2025-12-09	8.1	NETWORK	HIGH	NVD
CVE-2025-61074	A stored Cross Site Scripting (XSS) vulnherability in the bulletin board (SchwarzeBrett) in adata Software GmbH Mitarbeiter Portal 2.15.2.0 allows rem...	2025-12-09	4.6	NETWORK	MEDIUM	NVD
CVE-2025-5471	Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1.	2025-12-09	7.3	LOCAL	HIGH	NVD
CVE-2025-5470	Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275.	2025-12-09	7.3	LOCAL	HIGH	NVD
CVE-2025-5469	Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245	2025-12-09	7.3	LOCAL	HIGH	NVD
CVE-2025-59132	Cross-Site Request Forgery (CSRF) vulnerability in Badi Jones Duplicate Content Cure duplicate-content-cure allows Cross Site Request Forgery.This iss...	2025-12-09	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.