Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-25 CVE-2024-12623 The DICOM Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dcm' shortcode in all versions up to, and including, 0.10.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-03-25 CVE-2025-1320 The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9.
network
low complexity
CWE-352
4.3
4.3
2025-03-25 CVE-2025-2252 The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.6.1 via the edd_ajax_get_download_title() function.
network
low complexity
CWE-200
5.3
5.3
2025-03-25 CVE-2025-2744 A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1.
network
low complexity
CWE-22
5.4
5.4
2025-03-25 CVE-2025-0845 The DesignThemes Core Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-03-25 CVE-2025-2224 The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parse_query' function in all versions up to, and including, 8.2.
network
low complexity
CWE-862
5.3
5.3
2025-03-25 CVE-2025-2737 A vulnerability was found in PHPGurukul Old Age Home Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-03-25 CVE-2025-2738 A vulnerability was found in PHPGurukul Old Age Home Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-03-25 CVE-2025-2739 A vulnerability was found in PHPGurukul Old Age Home Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-03-25 CVE-2025-2733 A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13.
network
low complexity
CWE-77
6.3
6.3