Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-04 CVE-2024-12545 The Scratch & Win – Giveaways and Contests.
network
low complexity
CWE-352
5.4
2025-01-04 CVE-2024-12701 The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
2025-01-04 CVE-2025-0204 SQL Injection vulnerability in Code-Projects Online Shoe Store 1.0
A vulnerability was found in code-projects Online Shoe Store 1.0.
network
low complexity
code-projects CWE-89
critical
9.8
2025-01-04 CVE-2025-0203 SQL Injection vulnerability in Code-Projects Student Management System 1.0
A vulnerability was found in code-projects Student Management System 1.0.
network
low complexity
code-projects CWE-89
critical
9.8
2025-01-04 CVE-2025-0201 SQL Injection vulnerability in Code-Projects Point of Sales and Inventory Management System 1.0
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical.
network
low complexity
code-projects CWE-89
6.5
2025-01-04 CVE-2025-0200 SQL Injection vulnerability in Code-Projects Point of Sales and Inventory Management System 1.0
A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical.
network
low complexity
code-projects CWE-89
6.5
2025-01-03 CVE-2024-11733 The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0.
network
low complexity
CWE-94
7.3
2025-01-03 CVE-2024-12237 The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.15 via the rjg_get_youtube_info_justified_gallery_callback function.
network
low complexity
CWE-918
4.3
2025-01-03 CVE-2024-55896 IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames.
network
low complexity
CWE-451
5.4
2025-01-03 CVE-2025-0199 SQL Injection vulnerability in Code-Projects Point of Sales and Inventory Management System 1.0
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0.
network
low complexity
code-projects CWE-89
6.5