NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14306	A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly s...	2025-12-09	10.0	NETWORK	CRITICAL	NVD
CVE-2025-14286	A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/Downloa...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14284	Versions of the package @tiptap/extension-link before 2.10.4 are vulnerable to Cross-site Scripting (XSS) due to unsanitized user input allowed in set...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-13662	Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a ...	2025-12-09	7.8	LOCAL	HIGH	NVD
CVE-2025-13661	Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-13659	Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attac...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-13642	The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vuln...	2025-12-09	5.4	NETWORK	MEDIUM	NVD
CVE-2025-13604	The Login Security, FireWall, Malware removal by CleanTalk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the page URL in all v...	2025-12-09	7.2	NETWORK	HIGH	NVD
CVE-2025-13428	A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote C...	2025-12-09	8.6	NETWORK	HIGH	NVD
CVE-2025-13071	The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Refl...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-13070	The CSV to SortTable WordPress plugin through 4.2 does not validate some shortcode attributes before using them to generate paths passed to include fu...	2025-12-09	6.6	NETWORK	MEDIUM	NVD
CVE-2025-13031	The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege user...	2025-12-09	5.9	NETWORK	MEDIUM	NVD
CVE-2025-12807	A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through expose...	2025-12-09	8.7	NETWORK	HIGH	NVD
CVE-2025-12705	The Social Reviews & Recommendations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in the 'trim_text' funct...	2025-12-09	7.2	NETWORK	HIGH	NVD
CVE-2025-12558	The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including,...	2025-12-09	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.