Browse CVEs
145,028 medium severity vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12404 | The Like-it plugin for WordPress is vulnerable to Cross-S... | Medium | 6.1 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-12406 | The Project Honey Pot Spam Trap plugin for WordPress is v... | Medium | 6.1 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-12079 | The WP Twitter Auto Publish plugin for WordPress is vulne... | Medium | 6.1 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-56526 | Cross site scripting (XSS) vulnerability in Kotaemon 0.11... | Medium | 6.1 | High Risk | Patched | 18-Nov-25 |
| CVE-2025-63514 | kishan0725 Hospital Management System has a Cross-Site Sc... | Medium | 6.1 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-63828 | Host Header Injection vulnerability in Backdrop CMS 1.32.... | Medium | 6.1 | Medium Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-13081 | Improperly Controlled Modification of Dynamically-Determi... | Medium | 5.9 | Medium Risk | Patched | 18-Nov-25 |
| CVE-2025-11427 | The WP Migrate Lite – WordPress Migration Made Easy plugi... | Medium | 5.8 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-37159 | A vulnerability in the web management interface of the AO... | Medium | 5.8 | Low Risk | Unpatched (27d) | 18-Nov-25 |
| CVE-2025-52457 | Observable Timing Discrepancy (CWE-208) in HBUS devices m... | Medium | 5.7 | Low Risk | Unpatched (27d) | 18-Nov-25 |