Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-02-07 CVE-2025-25160 Cross-Site Request Forgery (CSRF) vulnerability in Markbarnes Style Tweaker
Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS.
network
low complexity
markbarnes CWE-352
6.1
6.1
2025-02-07 CVE-2025-25166 Cross-Site Request Forgery (CSRF) vulnerability in Gabrieldarezzo Inlocation
Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS.
network
low complexity
gabrieldarezzo CWE-352
6.1
6.1
2025-02-07 CVE-2025-25168 Cross-Site Request Forgery (CSRF) vulnerability in Blackandwhitedigital Bookpress 1.2.7
Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress – For Book Authors allows Cross-Site Scripting (XSS).
network
low complexity
blackandwhitedigital CWE-352
6.1
6.1
2025-02-07 CVE-2024-13841 The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via the 'bse-elementor-template' shortcode due to insufficient restrictions on which posts can be included.
network
low complexity
CWE-639
4.3
4.3
2025-02-07 CVE-2025-1086 A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as critical.
network
low complexity
CWE-24
5.3
5.3
2025-02-07 CVE-2025-1085 A vulnerability, which was classified as problematic, was found in Animati PACS up to 1.24.12.09.03.
network
low complexity
CWE-94
4.3
4.3
2025-02-07 CVE-2025-1084 A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql ????????? 3.9.0.
network
low complexity
CWE-862
4.3
4.3
2025-02-06 CVE-2025-21253 Unspecified vulnerability in Microsoft Edge
Microsoft Edge for IOS and Android Spoofing Vulnerability
network
low complexity
microsoft
5.3
5.3
2025-02-06 CVE-2025-21267 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
local
low complexity
microsoft
4.4
4.4
2025-02-06 CVE-2025-0158 IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation.
local
low complexity
CWE-248
5.5
5.5