Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-28	CVE-2025-1705	The tagDiv Composer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.3. network low complexity CWE-79	6.1
2025-03-28	CVE-2025-2074	The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to generic SQL Injection via the ‘sSearch’ parameter in all versions up to, and including, 1.29 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network high complexity CWE-89	5.3
2025-03-28	CVE-2025-2578	The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.19 via the 'wpAmeliaApiCall' function. network low complexity CWE-200	5.3
2025-03-28	CVE-2025-2804	The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected Cross-Site Scripting via the 'account_id' and 'account_username' parameters in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping. network low complexity CWE-79	6.1
2025-03-27	CVE-2023-37405	IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user. network low complexity CWE-311	6.5
2025-03-27	CVE-2023-38272	IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments. network high complexity CWE-300	5.9
2025-03-27	CVE-2025-2855	A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. network low complexity CWE-502	4.7
2025-03-27	CVE-2025-31176	A flaw was found in gnuplot. local low complexity CWE-476	6.2
2025-03-27	CVE-2025-31178	A flaw was found in gnuplot. local low complexity CWE-476	6.2
2025-03-27	CVE-2025-31179	A flaw was found in gnuplot. local low complexity CWE-476	6.2

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium