Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-03 CVE-2025-3165 A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0.
local
low complexity
CWE-502
5.3
5.3
2025-04-03 CVE-2025-32050 A flaw was found in libsoup.
network
high complexity
CWE-127
5.9
5.9
2025-04-03 CVE-2025-32051 A flaw was found in libsoup.
network
high complexity
CWE-754
5.9
5.9
2025-04-03 CVE-2025-3158 A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3.
local
low complexity
CWE-122
5.3
5.3
2025-04-03 CVE-2025-3159 A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3.
local
low complexity
CWE-122
5.3
5.3
2025-04-03 CVE-2024-9416 The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5.0.36) due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-04-03 CVE-2025-2946 Unspecified vulnerability in Pgadmin 4
pgAdmin <= 9.1 is affected by a security vulnerability with Cross-Site Scripting(XSS).
network
low complexity
pgadmin
6.1
6.1
2025-04-03 CVE-2025-2299 The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10.
network
low complexity
CWE-79
6.1
6.1
2025-04-03 CVE-2024-13673 The Big Boom Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bbd-search' shortcode in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-04-03 CVE-2025-1663 Cross-site Scripting vulnerability in Unlimited-Elements Unlimited Elements for Elementor
The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.5.142 due to insufficient input sanitization and output escaping.
network
low complexity
unlimited-elements CWE-79
5.4
5.4