CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/01/09 10:55 a.m.•5 views

CVE-2022-23871

Multiple cross-site scripting XSS vulnerabilities in the component outcomesaddProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters...

5.4CVSS6.1AI score0.00192EPSS

Exploits1References1

NVD•added 2025/01/16 9:15 p.m.•2 views

CVE-2025-23871

Cross-Site Request Forgery CSRF vulnerability in Bas Matthee LSD Google Maps Embedder lsd-google-maps-embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through = 1.1...

7.1CVSS0.00104EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:7 p.m.•3 views

CVE-2025-23871 WordPress LSD Google Maps Embedder plugin <= 1.1 - CSRF to Stored XSS vulnerability

7.1CVSS7.2AI score0.00104EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:7 p.m.•10 views

CVE-2025-23871 WordPress LSD Google Maps Embedder plugin <= 1.1 - CSRF to Stored XSS vulnerability

7.1CVSS0.00104EPSS

Exploits0References1

Circl•added 2024/01/26 11:26 a.m.•0 views

CVE-2024-23871

creationtimestamp| type| source ---|---|--- 2024-01-26 11:26:52+00:00| seen| https://t.me/ctinow/174150 2024-02-19 12:26:50+00:00| seen| https://t.me/ctinow/187614...

8.2CVSS6.1AI score0.00051EPSS

Exploits0References2

Cvelist•added 2024/01/26 9:11 a.m.•13 views

CVE-2024-23871 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementmodify.php, in the description parameter. Exploitation of this...

8.2CVSS7.2AI score0.00051EPSS

Exploits0References1

Vulnrichment•added 2024/01/26 9:11 a.m.•4 views

CVE-2024-23871 Cross-Site Scripting (XSS) vulnerability in Cups Easy

8.2CVSS7.1AI score0.00051EPSS

Exploits0References1

CVE•added 2024/01/26 9:11 a.m.•37 views

CVE-2024-23871

CVE-2024-23871 affects Cups Easy (Purchase & Inventory) v1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw caused by insufficient encoding of user-controlled inputs in the description parameter of /cupseasylive/unitofmeasurementmodify.php. Underlying root cause is the lack of proper esc...

8.2CVSS5.8AI score0.00051EPSS

Exploits0References1Affected Software1

NVD•added 2023/08/10 11:15 a.m.•15 views

CVE-2023-23871

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

5.9CVSS5.4AI score0.00079EPSS

Exploits0References1

CVE•added 2023/08/10 10:35 a.m.•37 views

CVE-2023-23871

CVE-2023-23871 affects the WordPress Button (Webdzier Button) plugin

5.9CVSS5AI score0.00079EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/05/12 12:0 a.m.•6 views

WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS)

Software Button Type Plugin Vulnerable versions = 1.1.23 Fixed in 1.1.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23871 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 53d7594604e4 Credits yuyudhn Required privilege...

5.9CVSS5.8AI score0.00079EPSS

Exploits0References2Affected Software1

Circl•added 2022/02/03 7:29 a.m.•3 views

CVE-2022-23871

creationtimestamp| type| source ---|---|--- 2022-02-03 07:29:48+00:00| seen| https://t.me/cibsecurity/36749...

5.4CVSS5.5AI score0.00192EPSS

Exploits1References1

CVE•added 2022/02/03 2:5 a.m.•62 views

CVE-2022-23871

CVE-2022-23871 affects Gibbon CMS v22.0.01, with XSS in the outcomes_addProcess.php component. The root cause is insufficient validation of client-supplied input in the name, category, and description fields, enabling attackers to inject arbitrary web scripts or HTML in a user’s browser. Multiple...

5.4CVSS5.4AI score0.00192EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by