Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-05	CVE-2025-0221	NULL Pointer Dereference vulnerability in I0Bit Protected Folder A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. local low complexity i0bit CWE-476	5.5
2025-01-05	CVE-2024-13140	Cross-site Scripting vulnerability in Emlog A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. network low complexity emlog CWE-79	5.4
2025-01-05	CVE-2024-13137	Cross-site Scripting vulnerability in Wangl1989 Mysiteforme 1.0 A vulnerability was found in wangl1989 mysiteforme 1.0. network low complexity wangl1989 CWE-79	5.4
2025-01-05	CVE-2024-13135	Cross-site Scripting vulnerability in Emlog 2.4.3 A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. network low complexity emlog CWE-79	5.4
2025-01-05	CVE-2024-13132	Cross-site Scripting vulnerability in Emlog A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. network low complexity emlog CWE-79	5.4
2025-01-04	CVE-2024-41763	IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. network high complexity CWE-327	5.9
2025-01-04	CVE-2024-41765	IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. network low complexity CWE-22	6.5
2025-01-04	CVE-2024-41768	IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state. network low complexity CWE-544	6.5
2025-01-04	CVE-2024-12195	SQL Injection vulnerability in Wedevs WP Project Manager The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection via the 'project_id' parameter of the /wp-json/pm/v2/projects/2/task-lists REST API endpoint in all versions up to, and including, 2.6.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity wedevs CWE-89	6.5
2025-01-04	CVE-2024-12279	The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. network low complexity CWE-352	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium