Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-01 CVE-2025-1665 Cross-site Scripting vulnerability in Theme-Fusion Avada Builder
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
theme-fusion CWE-79
5.4
5.4
2025-04-01 CVE-2025-3042 A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-04-01 CVE-2025-3043 A vulnerability, which was classified as critical, has been found in GuoMinJim PersonManage 1.0.
network
low complexity
CWE-22
5.3
5.3
2025-04-01 CVE-2025-3045 A vulnerability, which was classified as critical, was found in oretnom23/SourceCodester Apartment Visitor Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-01 CVE-2025-3041 A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-03-31 CVE-2025-3037 A vulnerability has been found in yzk2356911358 StudentServlet-JSP cc0cdce25fbe43b6c58b60a77a2c85f52d2102f5/d4d7a0643f1dae908a4831206f2714b21820f991 and classified as problematic.
network
low complexity
CWE-862
4.3
4.3
2025-03-31 CVE-2025-3038 A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-03-31 CVE-2025-3039 A vulnerability was found in code-projects Payroll Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-03-31 CVE-2025-3040 A vulnerability was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-03-31 CVE-2025-3017 A vulnerability, which was classified as critical, has been found in TA-Lib up to 0.6.4.
local
low complexity
CWE-787
5.3
5.3