General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-68535 | Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Inco… | Critical (9.1) | 2025-12-24 | General-Purpose |
| CVE-2025-68533 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Buil… | Medium (5.4) | 2025-12-24 | General-Purpose |
| CVE-2025-68532 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in modeltheme ModelT… | Medium (5.4) | 2025-12-24 | General-Purpose |
| CVE-2025-68530 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability i… | Critical (9.8) | 2025-12-24 | General-Purpose |
| CVE-2025-68529 | Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Reque… | High (8.8) | 2025-12-24 | General-Purpose |