Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-04 CVE-2025-22475 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Data Domain Operating System
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability.
network
low complexity
dell CWE-327
7.5
7.5
2025-02-03 CVE-2025-24901 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2025-24902 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2025-24905 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24906 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24957 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24958 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2024-11132 Cross-site Scripting vulnerability in Imithemes Eventer
The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
imithemes CWE-79
5.4
5.4
2025-02-03 CVE-2024-11133 Missing Authorization vulnerability in Imithemes Eventer
The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function in all versions up to, and including, 3.9.9.
network
low complexity
imithemes CWE-862
5.3
5.3
2025-02-03 CVE-2024-11134 Missing Authorization vulnerability in Imithemes Eventer
The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all versions up to, and including, 3.9.9.
network
low complexity
imithemes CWE-862
6.5
6.5