Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-25 CVE-2024-31896 IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-327
5.9
5.9
2025-03-25 CVE-2025-2109 The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init() function.
network
low complexity
CWE-918
5.8
5.8
2025-03-25 CVE-2025-2542 The Your Simple SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-03-25 CVE-2025-2635 The Digital License Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg() function without appropriate escaping on the URL in all versions up to, and including, 1.7.3.
network
low complexity
CWE-79
6.1
6.1
2025-03-25 CVE-2025-2756 A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-122
6.3
6.3
2025-03-25 CVE-2025-2757 A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-122
6.3
6.3
2025-03-25 CVE-2024-13690 The WP Church Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several donation form submission parameters in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
2025-03-25 CVE-2024-13710 The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0.
network
low complexity
CWE-352
4.3
4.3
2025-03-25 CVE-2024-13731 The Alert Box Block – Display notice/alerts in the front end.
network
low complexity
CWE-79
6.4
6.4
2025-03-25 CVE-2025-2319 The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08.
network
low complexity
CWE-352
8.8
8.8