Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-28	CVE-2025-0321	Cross-site Scripting vulnerability in Wpmet Elementskit The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitization and output escaping. network low complexity wpmet CWE-79	5.4
2025-01-28	CVE-2024-13509	Cross-site Scripting vulnerability in Westguardsolutions WS Form The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. network low complexity westguardsolutions CWE-79	6.1
2025-01-28	CVE-2024-22315	IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an external network connection. local high complexity CWE-923	4.0
2025-01-28	CVE-2023-50316	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. network low complexity CWE-89	6.3
2025-01-28	CVE-2024-27263	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques. network high complexity CWE-300	5.3
2025-01-28	CVE-2024-28786	IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. low complexity CWE-319	6.5
2025-01-27	CVE-2024-37526	IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. network low complexity CWE-497	6.5
2025-01-27	CVE-2024-54488	Unspecified vulnerability in Apple Iphone OS A logic issue was addressed with improved file handling. network low complexity apple	5.3
2025-01-27	CVE-2024-54497	Unspecified vulnerability in Apple products The issue was addressed with improved checks. network low complexity apple	6.5
2025-01-27	CVE-2024-54536	Unspecified vulnerability in Apple Macos The issue was addressed with improved validation of environment variables. local low complexity apple	5.5

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium