Skip to main content
CVE-2025-49868 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FunnelKit Automation By Autonami allows Phishing. This issue affects Automation By Autonami: from n/a through 3.6.0.

Open Redirect
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-6069 MEDIUM PATCH This Month

CVE-2025-6069 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Denial Of Service Debian Ubuntu Red Hat Suse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-47866 MEDIUM PATCH This Month

An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.

File Upload Apex Central
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-3880 MEDIUM PATCH This Month

The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on several functions in all versions up to, and including, 19.9.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to change the email address for the account connection, and disconnect the plugin. Previously created content will still be displayed and functional if the account is disconnected.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49880 MEDIUM This Month

Missing Authorization vulnerability in Emraan Cheema CubeWP Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CubeWP Forms: from n/a through 1.1.5.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49857 MEDIUM This Month

Missing Authorization vulnerability in WPExperts.io myCred allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects myCred: from n/a through 2.9.4.2.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49874 MEDIUM This Month

A security vulnerability in Missing Authorization vulnerability in tychesoftwares Arconix FAQ (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49865 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross Site Request Forgery. This issue affects Advanced Settings: from n/a through 3.0.1.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-49856 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in CyberChimps Responsive Plus allows Cross Site Request Forgery. This issue affects Responsive Plus: from n/a through 3.2.2.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-48111 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH PayPal Express Checkout for WooCommerce allows Cross Site Request Forgery. This issue affects YITH PayPal Express Checkout for WooCommerce: from n/a through 1.49.0.

WordPress CSRF PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy