VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-19
CVE-2025-3797
A vulnerability classified as critical was found in SeaCMS up to 13.3.
network
low complexity
CWE-74
4.7
4.7
2025-04-19
CVE-2025-1457
The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Wrapper Link, Countdown and Gallery widgets in all versions up to, and including, 5.10.28 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-04-19
CVE-2025-3275
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider widget in all versions up to, and including, 2.2.5 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-04-19
CVE-2025-3284
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3.
network
low complexity
CWE-352
4.3
4.3
2025-04-18
CVE-2025-3796
A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-18
CVE-2025-2950
IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i.
network
low complexity
CWE-644
5.4
5.4
2025-04-18
CVE-2025-3791
A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2.
local
low complexity
CWE-122
5.3
5.3
2025-04-18
CVE-2025-3792
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3.
network
low complexity
CWE-74
4.7
4.7
2025-04-18
CVE-2025-3790
A vulnerability classified as critical has been found in baseweb JSite 1.0.
network
low complexity
CWE-266
5.3
5.3
2025-04-18
CVE-2024-45651
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.
network
low complexity
CWE-613
6.3
6.3
«
Previous
1
2
...
5
6
7
(current)
8
9
...
7207
7208
»
Next