| 2025-01-07 | CVE-2025-0301 | Cross-site Scripting vulnerability in Fabianros Online Book Shop 1.0
A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. | 6.1 |
| 2025-01-07 | CVE-2022-22363 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2025-01-07 | CVE-2024-25037 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 4.3 |
| 2025-01-07 | CVE-2024-28778 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. | 6.5 |
| 2025-01-07 | CVE-2024-12131 | Authorization Bypass Through User-Controlled Key vulnerability in Wpjobportal WP JOB Portal
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. | 4.3 |
| 2025-01-07 | CVE-2024-12738 | The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several user meta parameters in all versions up to, and including, 3.12.9 due to insufficient input sanitization and output escaping. | 6.1 |
| 2025-01-07 | CVE-2024-45100 | IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources. | 4.9 |
| 2025-01-07 | CVE-2024-45640 | IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system. | 5.3 |
| 2025-01-07 | CVE-2024-12033 | Missing Authorization vulnerability in Artbees Jupiter X Core
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sync_libraries() function in all versions up to, and including, 4.8.5. | 4.3 |
| 2025-01-07 | CVE-2024-12316 | Missing Authorization vulnerability in Artbees Jupiter X Core
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.5. | 5.3 |