Total CVEs

142,750

Critical Severity

4,026

High Severity

14,425

Last 7 Days

1,421
Quick preset (or use dates below)
Clear Filters
Showing 14,521 - 14,540 of 14,834 CVEs
CVE-2025-59136 MEDIUM - 5.3

Insertion of Sensitive Information Into Sent Data vulnerability in Efí Bank Gerencianet Oficial allows Retrieve Embedded Sensitive Data.This issue affects Gerencianet Oficial: from n/a through 3.1.3.

Published: Dec 31, 2025
Source: NVD
CVE-2025-59130 MEDIUM - 4.3

Cross-Site Request Forgery (CSRF) vulnerability in Appointify allows Cross Site Request Forgery.This issue affects Appointify: from n/a through 1.0.8.

Published: Dec 31, 2025
Source: NVD
CVE-2025-49356 MEDIUM - 4.3

Missing Authorization vulnerability in Mykola Lukin Orders Chat for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orders Chat for WooCommerce: from n/a through 1.2.0.

Published: Dec 31, 2025
Source: NVD
CVE-2025-49338 MEDIUM - 5.3

Missing Authorization vulnerability in Flowbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flowbox: from n/a through 1.1.5.

Published: Dec 31, 2025
Source: NVD
CVE-2025-49334 MEDIUM - 5.3

Authorization Bypass Through User-Controlled Key vulnerability in Eduardo Villão MyD Delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyD Delivery: from n/a through 1.3.7.

Published: Dec 31, 2025
Source: NVD
CVE-2025-63053 MEDIUM - 5.3

Authorization Bypass Through User-Controlled Key vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.9.9.4.

Published: Dec 31, 2025
Source: NVD
CVE-2025-63031 MEDIUM - 5.3

Missing Authorization vulnerability in WP Grids EasyTest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through 1.0.1.

Published: Dec 31, 2025
Source: NVD
CVE-2025-63022 MEDIUM - 5.3

Missing Authorization vulnerability in Illia Simple Like Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through 1.5.3.

Published: Dec 31, 2025
Source: NVD
CVE-2025-63016 MEDIUM - 5.3

Missing Authorization vulnerability in Quadlayers QuadLayers TikTok Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through 4.6.4.

Published: Dec 31, 2025
Source: NVD
CVE-2025-63001 MEDIUM - 5.3

Missing Authorization vulnerability in nicdark Hotel Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through 3.8.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62888 MEDIUM - 5.4

Missing Authorization vulnerability in Marco Milesi WP Attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Attachments: from n/a through 5.2.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62147 MEDIUM - 5.3

Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62145 MEDIUM - 5.3

Missing Authorization vulnerability in NewClarity DMCA Protection Badge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DMCA Protection Badge: from n/a through 2.2.0.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62141 MEDIUM - 5.3

Missing Authorization vulnerability in 101gen Wawp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wawp: from n/a through 4.0.5.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62139 MEDIUM - 5.3

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62108 MEDIUM - 5.4

Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62098 MEDIUM - 5.4

Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62091 MEDIUM - 5.4

Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.

Published: Dec 31, 2025
Source: NVD
CVE-2025-62081 MEDIUM - 5.3

Missing Authorization vulnerability in Channelize.Io Team Live Shopping & Shoppable Videos For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through 2.2.0.

Published: Dec 31, 2025
Source: NVD
CVE-2025-49349 MEDIUM - 5.3

Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0.

Published: Dec 31, 2025
Source: NVD