General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-14854 | The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpc… | Medium (5.4) | 2026-01-14 | General-Purpose |
| CVE-2025-14725 | The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all v… | Medium (4.4) | 2026-01-14 | General-Purpose |
| CVE-2025-14615 | The DASHBOARD BUILDER – WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request… | High (7.1) | 2026-01-14 | General-Purpose |
| CVE-2025-14613 | The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and incl… | High (7.2) | 2026-01-14 | General-Purpose |
| CVE-2025-14502 | The News and Blog Designer Bundle plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and… | Critical (9.8) | 2026-01-14 | General-Purpose |