Skip to main content
CVE-2025-5221 MEDIUM POC This Week

A vulnerability was found in FreeFloat FTP Server 1.0.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Freefloat Ftp Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-4683 MEDIUM PATCH Monitor

The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_blog function in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Apple Google WordPress Authentication Bypass Mstore Api +3
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-4682 MEDIUM This Month

The Essential Blocks - Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML attributes in Slider and Post Carousel widgets in. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2025-48744 MEDIUM This Month

In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Pmb
NVD
CVSS 3.1
6.4
EPSS
1.0%
CVE-2025-48743 MEDIUM This Month

SIGB PMB before 8.0.1.2 allows SQL injection. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Pmb
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-5220 MEDIUM POC This Week

A vulnerability was found in FreeFloat FTP Server 1.0.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ftp Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-33079 MEDIUM This Month

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Cognos Controller Controller
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-5219 MEDIUM POC This Week

A vulnerability has been found in FreeFloat FTP Server 1.0.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ftp Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-5218 MEDIUM POC This Week

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ftp Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-5217 MEDIUM POC This Week

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ftp Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-5216 MEDIUM POC This Week

A vulnerability classified as critical was found in PHPGurukul Student Record System 3.20. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Record System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5214 MEDIUM POC This Week

A vulnerability was found in Kashipara Responsive Online Learing Platform 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Responsive Online Learing Platform
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5213 MEDIUM POC This Week

A vulnerability was found in projectworlds Responsive E-Learning System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Responsive E Learning System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-4783 MEDIUM This Month

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of the Countdown Timer Widget in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Exclusive Addons For Elementor PHP Elementor
NVD
CVSS 3.1
6.4
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy