General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-10055 | The Time Sheets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, … | Medium (4.3) | 2025-12-05 | General-Purpose |
| CVE-2016-20023 | In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the cor… | Medium (5.0) | 2025-12-05 | General-Purpose |
| CVE-2025-13494 | The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including… | Medium (5.3) | 2025-12-05 | General-Purpose |
| CVE-2025-13362 | The Norby AI plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0… | Medium (4.3) | 2025-12-05 | General-Purpose |
| CVE-2025-13313 | The CRM Memberships plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to… | Critical (9.8) | 2025-12-05 | General-Purpose |