Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-21 CVE-2022-1752 Unrestricted Upload of File with Dangerous Type vulnerability in Trudesk Project Trudesk
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
6.0
2022-05-20 CVE-2022-29427 Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress.
network
CWE-352
6.8
2022-05-20 CVE-2022-29430 Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF).
network
CWE-79
4.3
2022-05-20 CVE-2022-29431 Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base.
network
CWE-352
5.8
2022-05-20 CVE-2022-29425 Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress.
network
CWE-79
4.3
2022-05-20 CVE-2022-29448 Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
network
low complexity
CWE-706
4.0
2022-05-20 CVE-2022-28990 Out-of-bounds Write vulnerability in Wasm3 Project Wasm3 0.5.0
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.
local
low complexity
wasm3-project CWE-787
4.6
2022-05-20 CVE-2022-1770 Improper Privilege Management vulnerability in Trudesk Project Trudesk
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
network
low complexity
trudesk-project CWE-269
6.5
2022-05-20 CVE-2022-1784 Server-Side Request Forgery (SSRF) vulnerability in Jgraph Drawio
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8.
network
low complexity
jgraph CWE-918
5.0
2022-05-20 CVE-2022-24290 Out-of-bounds Write vulnerability in Siemens Teamcenter and Teamcenter Visualization
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions).
network
low complexity
siemens CWE-787
5.0