Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2025-21697 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job completes, the corresponding pointer in the device must be set to NULL. | 5.5 |
| 2025-02-12 | CVE-2025-21699 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buffer heads or iomap_folio_state structs, and we cannot mix the two. | 5.5 |
| 2025-02-12 | CVE-2024-10322 | Cross-site Scripting vulnerability in Brizy The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. | 5.4 |
| 2025-02-12 | CVE-2025-1199 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability was found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2024-12386 | Cross-Site Request Forgery (CSRF) vulnerability in Kevonadonis WP Abstracts The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. | 5.4 |
| 2025-02-12 | CVE-2025-0511 | Cross-site Scripting vulnerability in Welcart E-Commerce The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization and output escaping. | 6.1 |
| 2025-02-12 | CVE-2025-1195 | Cross-site Scripting vulnerability in Fabian Real Estate Property Management System 1.0 A vulnerability, which was classified as problematic, has been found in code-projects Real Estate Property Management System 1.0. | 5.4 |
| 2025-02-12 | CVE-2025-1196 | Cross-site Scripting vulnerability in Fabian Real Estate Property Management System 1.0 A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. | 5.4 |
| 2025-02-12 | CVE-2024-13437 | The Book a Room plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9. | 4.3 |
| 2025-02-12 | CVE-2024-13456 | The Easy Quiz Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wqt-question' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |