General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-13897 | The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'aft_testimonia… | Medium (6.4) | 2026-01-09 | General-Purpose |
| CVE-2025-13893 | The Lesson Plan Book plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']… | Medium (6.1) | 2026-01-09 | General-Purpose |
| CVE-2025-13892 | The MG AdvancedOptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF… | Medium (6.1) | 2026-01-09 | General-Purpose |
| CVE-2025-13862 | The Menu Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `category` parameter in all ver… | Medium (6.4) | 2026-01-09 | General-Purpose |
| CVE-2025-13854 | The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arc… | Medium (6.4) | 2026-01-09 | General-Purpose |