General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-11220 | The Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Text Path widget in al… | Medium (6.4) | 2025-12-16 | General-Purpose |
| CVE-2025-0836 | Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management … | Medium (6.3) | 2025-12-16 | General-Purpose |
| CVE-2025-14002 | The WPCOM Member plugin for WordPress is vulnerable to authentication bypass via brute force in all versions up to, and… | High (8.1) | 2025-12-16 | General-Purpose |
| CVE-2025-68088 | Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Conf… | Medium (5.4) | 2025-12-16 | General-Purpose |
| CVE-2025-68087 | Missing Authorization vulnerability in merkulove Modalier for Elementor modalier-elementor allows Exploiting Incorrectl… | Medium (5.4) | 2025-12-16 | General-Purpose |