Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-04 CVE-2025-3237 A vulnerability was found in Tenda FH1202 1.2.0.14(408).
network
low complexity
CWE-266
5.3
5.3
2025-04-04 CVE-2025-3229 A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0.
network
low complexity
CWE-74
4.7
4.7
2025-04-04 CVE-2025-2797 The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21.
network
low complexity
CWE-352
5.4
5.4
2025-04-04 CVE-2025-3215 A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2024-13898 The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping.
network
high complexity
CWE-79
4.4
4.4
2025-04-04 CVE-2025-2836 The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘payment_method’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-04-04 CVE-2025-3211 A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2025-3214 A vulnerability has been found in JFinal CMS up to 5.2.4 and classified as problematic.
network
low complexity
CWE-22
4.3
4.3
2025-04-04 CVE-2025-3209 A vulnerability was found in code-projects Patient Record Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-04 CVE-2025-25001 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
network
low complexity
CWE-79
4.3
4.3