VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-17
CVE-2025-3764
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-04-17
CVE-2025-3765
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-04-17
CVE-2025-3762
A vulnerability was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-17
CVE-2025-3763
A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0.
local
low complexity
CWE-120
5.3
5.3
2025-04-17
CVE-2025-2947
IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command.
network
low complexity
CWE-278
7.2
7.2
2025-04-17
CVE-2025-3453
The Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products – Restrict Content, Protect WooCommerce Category and more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.7 via the 'password_protected_cookie' function.
network
low complexity
CWE-863
5.3
5.3
2025-04-17
CVE-2025-3479
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handle_stripe_single' function due to insufficient validation on a user controlled key.
network
low complexity
CWE-354
5.3
5.3
2025-04-17
CVE-2025-3487
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-04-17
CVE-2025-29931
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2).
network
high complexity
CWE-130
3.7
3.7
2025-04-17
CVE-2025-3615
The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form-submission.js script in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
«
1
(current)
2
3
4
5
...
16861
16862
»
Next