Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-25 CVE-2025-2510 The Frndzk Expandable Bottom Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'text' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
5.5
5.5
2025-03-25 CVE-2025-2559 A flaw was found in Keycloak.
network
low complexity
CWE-770
4.9
4.9
2025-03-25 CVE-2025-2753 A vulnerability was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-125
6.3
6.3
2025-03-25 CVE-2025-2754 A vulnerability was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-122
6.3
6.3
2025-03-25 CVE-2025-2755 A vulnerability was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-125
6.3
6.3
2025-03-25 CVE-2025-2750 A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3.
network
low complexity
CWE-787
6.3
6.3
2025-03-25 CVE-2025-2751 A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic.
network
low complexity
CWE-125
4.3
4.3
2025-03-25 CVE-2025-2752 A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic.
network
low complexity
CWE-125
4.3
4.3
2025-03-25 CVE-2024-12623 The DICOM Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dcm' shortcode in all versions up to, and including, 0.10.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-03-25 CVE-2025-1320 The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9.
network
low complexity
CWE-352
4.3
4.3