Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-3429 The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'material_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
4.9
4.9
2025-04-08 CVE-2025-3430 The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'printer_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
4.9
4.9
2025-04-08 CVE-2024-13820 The Melhor Envio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.15.9 via the 'run' function, which uses a hardcoded hash.
network
low complexity
CWE-200
5.3
5.3
2025-04-08 CVE-2025-3409 A vulnerability classified as critical has been found in Nothings stb up to f056911.
network
low complexity
CWE-121
6.3
6.3
2025-04-08 CVE-2025-3405 A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27.
network
low complexity
CWE-99
4.3
4.3
2025-04-08 CVE-2025-3406 A vulnerability was found in Nothings stb up to f056911.
network
low complexity
CWE-125
4.3
4.3
2025-04-08 CVE-2025-3407 A vulnerability was found in Nothings stb up to f056911.
network
low complexity
CWE-125
6.3
6.3
2025-04-08 CVE-2025-3364 The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.
local
low complexity
 6.7
6.7
2025-04-08 CVE-2025-2519 The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1.
network
low complexity
CWE-22
6.5
6.5
2025-04-08 CVE-2025-3397 Cross-site Scripting vulnerability in Yzmcms 7.1
A vulnerability classified as problematic has been found in YzmCMS 7.1.
network
low complexity
yzmcms CWE-79
6.1
6.1