Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-10 | CVE-2025-2151 | Out-of-bounds Write vulnerability in Assimp 5.4.3 A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. | 8.8 |
| 2025-03-10 | CVE-2025-2147 | Forced Browsing vulnerability in Caishixiong Modern Farm Digital Integrated Management System 1.0 A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. | 7.5 |
| 2025-03-09 | CVE-2025-2132 | Injection vulnerability in Ftcms 2.1 A vulnerability classified as critical has been found in ftcms 2.1. | 7.2 |
| 2025-03-09 | CVE-2025-2126 | Injection vulnerability in Joomlaux JUX Real Estate 3.4.0 A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. | 8.8 |
| 2025-03-09 | CVE-2025-2121 | Unspecified vulnerability in Thinkwarestore F800 PRO Firmware A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. low complexity thinkwarestore | 8.8 |
| 2025-03-09 | CVE-2025-2118 | A vulnerability was found in Quantico Tecnologia PRMV 6.48. | 7.3 |
| 2025-03-08 | CVE-2024-11640 | Cross-Site Request Forgery (CSRF) vulnerability in E4Jconnect Vikrentcar The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. | 8.8 |
| 2025-03-08 | CVE-2024-13882 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. | 8.8 |
| 2025-03-08 | CVE-2024-13908 | Unrestricted Upload of File with Dangerous Type vulnerability in Bestwebsoft Smtp The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 1.1.9. | 7.2 |
| 2025-03-08 | CVE-2024-13835 | Improper Privilege Management vulnerability in Wpexpertplugins Post Meta Data Manager The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. | 7.2 |