Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-03 CVE-2025-3159 A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3.
local
low complexity
CWE-122
5.3
2025-04-03 CVE-2024-9416 The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5.0.36) due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
2025-04-03 CVE-2025-2299 The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10.
network
low complexity
CWE-79
6.1
2025-04-03 CVE-2024-13673 The Big Boom Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bbd-search' shortcode in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
2025-04-03 CVE-2025-1663 The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.5.142 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
2025-04-03 CVE-2025-2874 The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20240319 due to insufficient input sanitization and output escaping.
network
high complexity
CWE-79
4.4
2025-04-03 CVE-2025-3150 A vulnerability was found in itning Student Homework Management System up to 1.2.7.
network
low complexity
CWE-862
4.3
2025-04-03 CVE-2025-3142 A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0.
network
low complexity
CWE-74
6.3
2025-04-03 CVE-2025-3143 A vulnerability classified as critical has been found in SourceCodester Apartment Visitor Management System 1.0.
network
low complexity
CWE-74
6.3
2025-04-03 CVE-2025-3139 A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical.
local
low complexity
CWE-120
5.3