Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-04 CVE-2025-3241 A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0.
network
low complexity
CWE-611
6.3
6.3
2025-04-04 CVE-2025-3242 A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2025-3235 A vulnerability was found in PHPGurukul Old Age Home Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2025-3236 A vulnerability was found in Tenda FH1202 1.2.0.14(408).
network
low complexity
CWE-266
5.3
5.3
2025-04-04 CVE-2025-3237 A vulnerability was found in Tenda FH1202 1.2.0.14(408).
network
low complexity
CWE-266
5.3
5.3
2025-04-04 CVE-2025-3229 A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0.
network
low complexity
CWE-74
4.7
4.7
2025-04-04 CVE-2025-2797 The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21.
network
low complexity
CWE-352
5.4
5.4
2025-04-04 CVE-2025-3215 A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2024-13898 The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping.
network
high complexity
CWE-79
4.4
4.4
2025-04-04 CVE-2025-2836 The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘payment_method’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4