Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-24	CVE-2025-0702	A vulnerability classified as critical was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-434	6.3
2025-01-24	CVE-2025-24644	Cross-site Scripting vulnerability in Webtoffee Woocommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Stored XSS. network low complexity webtoffee CWE-79	4.8
2025-01-24	CVE-2025-0700	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2025-0701	A vulnerability classified as critical has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2024-13698	Missing Authorization vulnerability in Astoundify Jobify The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image_via_ai' functions in all versions up to, and including, 4.2.7. network low complexity astoundify CWE-862	6.5
2025-01-24	CVE-2024-40706	IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. network low complexity CWE-497	5.3
2025-01-24	CVE-2024-41757	IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network high complexity CWE-311	5.9
2025-01-24	CVE-2024-45077	IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system. network low complexity CWE-98	6.5
2025-01-24	CVE-2025-0698	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2025-0699	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium