Skip to main content
CVE-2025-31528 MEDIUM This Month

Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels.4.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31376 MEDIUM This Month

Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.6.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31406 MEDIUM This Month

Subscriber Broken Access Control in ELEX WooCommerce Request a Quote <= 2.3.3 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31417 MEDIUM This Month

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31609 MEDIUM This Month

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels.0.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31544 MEDIUM This Month

Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31540 MEDIUM This Month

Missing Authorization vulnerability in acmemediakits ACME Divi Modules allows Exploiting Incorrectly Configured Access Control Security Levels.3.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-31602 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in apimofficiel Apimo Connector allows Cross Site Request Forgery.6.3.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-31600 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in designnbuy DesignO allows Cross Site Request Forgery.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-31572 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar allows Cross Site Request Forgery.1.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-31410 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation allows Cross Site Request Forgery.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-40864 LOW Monitor

The issue was addressed with improved handling of protocols. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
2.7
EPSS
0.4%
CVE-2025-30368 LOW PATCH Monitor

Zulip is an open-source team collaboration tool. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zulip
NVD GitHub
CVSS 3.1
2.7
EPSS
0.2%
CVE-2025-30369 LOW PATCH Monitor

Zulip is an open-source team collaboration tool. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zulip Server
NVD GitHub
CVSS 3.1
2.7
EPSS
0.2%
CVE-2025-30469 LOW Monitor

This issue was addressed through improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os iOS
NVD
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-24193 LOW Monitor

This issue was addressed with improved authentication. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os iOS
NVD
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-22937 CRITICAL POC Act Now

An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation 411 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-2989 MEDIUM POC This Week

A vulnerability was found in Tenda FH1202 1.2.0.14(408). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Information Disclosure Fh1202 Firmware
NVD VulDB
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-24517 HIGH This Month

Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-2973 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload College Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD
Prev Page 8 of 8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy