CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3448 matches found

WPVulnDB•added 2023/08/08 12:0 a.m.•11 views

Chatbot < 4.7.8 - Admin+ Stored XSS in Language Settings

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. In the plugin settings, select...

4.8CVSS4.8AI score0.00112EPSS

Exploits2Affected Software1

OSV•added 2023/08/07 3:15 p.m.•0 views

CVE-2023-0604

The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.4CVSS7.3AI score

Exploits0References1

Prion•added 2023/08/07 3:15 p.m.•12 views

Cross site scripting

4.9CVSS5AI score0.00192EPSS

Exploits2References1Affected Software1

Prion•added 2023/08/07 3:15 p.m.•9 views

Cross site scripting

The Bubble Menu WordPress plugin before 3.0.5 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

4.3CVSS4.8AI score0.01787EPSS

Exploits2References1Affected Software1

Cvelist•added 2023/08/07 2:31 p.m.•13 views

CVE-2023-0604 WP Food Manager < 1.0.4 - Admin+ Stored XSS

5.3AI score0.00192EPSS

Exploits2References1

Vulnrichment•added 2023/08/07 2:31 p.m.•11 views

CVE-2023-0604 WP Food Manager < 1.0.4 - Admin+ Stored XSS

5.6AI score0.00192EPSS

Exploits2References1

Cvelist•added 2023/08/07 2:31 p.m.•17 views

CVE-2023-3650 Bubble Menu < 3.0.5 - Admin+ Stored XSS

5AI score0.01787EPSS

Exploits2References1

WPVulnDB•added 2023/08/07 12:0 a.m.•26 views

wpShopGermany IT-RECHT KANZLEI < 1.8 - Admin+ Stored XSS

5.9CVSS5.4AI score0.0008EPSS

Exploits0Affected Software1

Positive Technologies•added 2023/08/07 12:0 a.m.•2 views

PT-2023-16394 · WordPress · Wp Food Manager

Name of the Vulnerable Software and Affected Versions: WP Food Manager versions prior to 1.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in multisite setup...

5.4CVSS7.5AI score0.00192EPSS

Exploits2References5

OSV•added 2023/07/31 10:15 a.m.•1 views

CVE-2023-3130

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS7.3AI score0.00157EPSS

Exploits2References1

Prion•added 2023/07/31 10:15 a.m.•16 views

Cross site scripting

4.3CVSS5.2AI score0.00157EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/07/31 9:37 a.m.•16 views

CVE-2023-3130 Short URL < 1.6.5 - Admin+ Cross Site Scripting

5.6AI score0.00157EPSS

Exploits2References1

NVD•added 2023/07/28 4:15 p.m.•21 views

CVE-2023-38498

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patche...

6.5CVSS4.8AI score0.00158EPSS

Exploits2References2

Prion•added 2023/07/28 4:15 p.m.•18 views

Design/Logic Flaw

4CVSS6.3AI score0.00158EPSS

Exploits2References2Affected Software1

OSV•added 2023/07/28 3:18 p.m.•34 views

CVE-2023-38498 Discourse vulnerable to DoS via defer queue

4.3CVSS6.3AI score0.00158EPSS

Exploits2References4

Vulnrichment•added 2023/07/28 3:18 p.m.•28 views

CVE-2023-38498 Discourse vulnerable to DoS via defer queue

4.3CVSS6.6AI score0.00158EPSS

Exploits2References2

Cvelist•added 2023/07/28 3:18 p.m.•28 views

CVE-2023-38498 Discourse vulnerable to DoS via defer queue

4.3CVSS6.5AI score0.00158EPSS

Exploits2References2

CVE•added 2023/07/28 3:18 p.m.•105 views

CVE-2023-38498

Discourse (open source forum software) is affected by CVE-2023-38498. Prior to Discourse 3.0.6 (stable) and 3.1.0.beta7 (beta/tests-passed), a malicious user can cause the defer queue to not progress promptly on multisite installations within the same site. The vulnerability is fixed in 3.0.6 (st...

6.5CVSS5.2AI score0.00158EPSS

Exploits2References2Affected Software1

CNNVD•added 2023/07/28 12:0 a.m.•2 views

Discourse 安全漏洞

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse that originates from a malicious user being able to prevent a delayed queue from proceeding quickly on sites hosted in the same...

6.5CVSS6.4AI score0.00158EPSS

Exploits2References3

Positive Technologies•added 2023/07/28 12:0 a.m.•1 views

PT-2023-26478 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches Description: A malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite...

6.5CVSS6.3AI score0.00158EPSS

Exploits2References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by