Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-19	CVE-2025-1447	A vulnerability was found in kasuganosoras Pigeon 1.0.177. network low complexity CWE-918	4.3
2025-02-19	CVE-2024-13508	The Booking Package plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the locale parameter in all versions up to, and including, 1.6.72 due to insufficient input sanitization and output escaping. network low complexity CWE-79	6.1
2025-02-18	CVE-2024-13743	The Wonder Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wonderplugin_video shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity CWE-79	6.4
2025-02-18	CVE-2024-45775	A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. local high complexity CWE-252	5.2
2025-02-18	CVE-2024-45776	When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. local low complexity CWE-787	6.7
2025-02-18	CVE-2024-45781	A flaw was found in grub2. local low complexity	6.7
2025-02-18	CVE-2024-45783	A flaw was found in grub2. local low complexity CWE-911	4.4
2025-02-18	CVE-2025-0622	A flaw was found in command/gpg. local high complexity CWE-416	6.4
2025-02-18	CVE-2024-45774	A flaw was found in grub2. local low complexity CWE-787	6.7
2025-02-18	CVE-2024-13689	The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.9.1.6. network low complexity CWE-94	6.3

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium