Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-04-05 CVE-2025-3305 A vulnerability has been found in 1902756969/code-projects IKUN_Library 1.0 and classified as problematic.
network
low complexity
CWE-266
4.3
2025-04-05 CVE-2025-3304 A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0.
network
low complexity
CWE-74
6.3
2025-04-05 CVE-2025-3303 A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0.
network
low complexity
CWE-74
6.3
2025-04-05 CVE-2025-3298 A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic.
network
low complexity
CWE-266
4.3
2025-04-05 CVE-2025-3299 A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical.
network
low complexity
CWE-74
7.3
2025-04-05 CVE-2025-3297 A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0.
network
low complexity
CWE-94
3.5
2025-04-05 CVE-2025-3296 A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0.
network
low complexity
CWE-74
6.3
2025-04-05 CVE-2025-2941 The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-file[] parameter in all versions up to, and including, 1.1.4.
network
low complexity
CWE-22
critical
9.8
2025-04-05 CVE-2024-13776 The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'dzsap_delete_notice' AJAX action in all versions up to, and including, 6.91.
network
low complexity
CWE-862
8.1
2025-04-05 CVE-2025-0839 The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 6.91 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4