Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2025-1190 Cross-site Scripting vulnerability in Anisha JOB Recruitment 1.0
A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic.
network
low complexity
anisha CWE-79
6.1
2025-02-12 CVE-2024-13814 Code Injection vulnerability in Lcweb Global Gallery
The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 9.1.5.
network
low complexity
lcweb CWE-94
8.8
2025-02-12 CVE-2025-1187 Out-of-bounds Write vulnerability in Code-Projects Police FIR Record Management System 1.0
A vulnerability classified as critical was found in code-projects Police FIR Record Management System 1.0.
local
low complexity
code-projects CWE-787
7.8
2025-02-12 CVE-2025-1188 SQL Injection vulnerability in Codezips GYM Management System 1.0
A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0.
network
low complexity
codezips CWE-89
critical
9.8
2025-02-12 CVE-2025-1183 SQL Injection vulnerability in Codezips GYM Management System 1.0
A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical.
network
low complexity
codezips CWE-89
critical
9.8
2025-02-12 CVE-2025-26520 Unspecified vulnerability in Cacti 1.2.27/1.2.28
Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter.
network
low complexity
cacti
critical
9.8
2025-02-12 CVE-2024-13374 Missing Authorization vulnerability in Joomunited WP Table Manager
The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wptm_getFolders AJAX action in all versions up to, and including, 4.1.3.
network
low complexity
joomunited CWE-862
6.5
2025-02-12 CVE-2024-13600 Unspecified vulnerability in Majesticsupport Majestic Support
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the 'majesticsupportdata' directory.
network
low complexity
majesticsupport
7.5
2025-02-12 CVE-2024-13601 Authorization Bypass Through User-Controlled Key vulnerability in Majesticsupport Majestic Support
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.5 via the 'exportusereraserequest' function due to missing validation on a user controlled key.
network
low complexity
majesticsupport CWE-639
4.3
2025-02-12 CVE-2024-13714
The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_get_image_by_url' function in all versions up to, and including, 1.0.4.
network
low complexity
CWE-434
8.8