Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-21 | CVE-2025-0371 | Cross-site Scripting vulnerability in Crocoblock Jetelements The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2025-01-21 | CVE-2024-13536 | The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. | 5.3 |
2025-01-21 | CVE-2024-45091 | Information Exposure Through Log Files vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. | 5.5 |
2025-01-20 | CVE-2024-22347 | IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. | 5.9 |
2025-01-20 | CVE-2024-22348 | IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. | 5.3 |
2025-01-20 | CVE-2024-22349 | IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. | 4.0 |
2025-01-20 | CVE-2025-22131 | Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. | 6.1 |
2025-01-20 | CVE-2025-23218 | Unspecified vulnerability in Wegia WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. | 9.8 |
2025-01-20 | CVE-2025-23219 | Unspecified vulnerability in Wegia WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. | 9.8 |
2025-01-20 | CVE-2025-23220 | Unspecified vulnerability in Wegia WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. | 9.8 |