CVE-2023-47528

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sajjad Hossain Sagor WP Edit Username plugin = 1.0.5 versions...

CVE-2023-47528

CVE-2023-47528 concerns the WP Edit Username WordPress plugin (

CVE-2023-47533 WordPress Countdown and CountUp, WooCommerce Sales Timer Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

CVE-2023-47546

CVE-2023-47546 affects Walter Pinem OneClick Chat to Order plugin (versions

Cross site scripting

Auth. Shop Manager+ Stored Cross-Site Scripting XSS vulnerability in CedCommerce Recently viewed and most viewed products plugin = 1.1.1 versions...

CVE-2023-47554

The CVE-2023-47554 entry concerns the DenK BV Actueel Financieel Nieuws – Denk Internet Solutions WordPress plugin. Affected versions are &lt;= 5.1.0 (per NVD/Red Hat/WPVulndb entries), with an Auth. admin+ Stored XSS vulnerability in configurable settings that could be triggered by elevated-priv...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abu Bakar TWB Woocommerce Reviews plugin = 1.7.5 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in livescore.Bz BZScore – Live Score plugin = 1.03 versions...

CVE-2023-47658

CVE-2023-47658 is an authenticated Stored XSS in actpro Extra Product Options for WooCommerce (plugin

CVE-2023-47659

CVE-2023-47659 is a stored XSS vulnerability in the Lava Directory Manager WordPress plugin by Lavacode, affecting versions up to 1.1.34. The vulnerability is exploitable by an authenticated contributor (per Patchstack) and remains unpatched in the public release history. Multiple sources corrobo...

CVE-2023-47657

Auth. ShopManager+ Stored Cross-Site Scripting XSS vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin = 1.5.8 versions...

PT-2023-30534 · Cedcommerce · Cedcommerce Recently Viewed/Most Viewed Products Plugin

Name of the Vulnerable Software and Affected Versions: CedCommerce Recently viewed and most viewed products plugin versions prior to 1.1.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with Auth Shop Manager+ permissions. Recommendations: F...

CVE-2023-36688

CVE-2023-36688 affects WordPress Simple Site Verify plugin (versions

CVE-2023-47229

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Vyas Dipen Top 25 Social Icons plugin = 3.1 versions...

CVE-2023-47231

CVE-2023-47231 affects Bainternet ShortCodes UI plugin on WordPress (versions

CVE-2023-47227

The CVE-2023-47227 entry corresponds to an authenticated Stored XSS in the WordPress plugin “Social Feed | All social media in one place” (Web-Settler Social Feed)

CVE-2023-47223

CVE-2023-47223 affects the WordPress plugin Basic Interactive World Map (WP Map Plugins) version ≤ 2.0. The vulnerability is a stored XSS due to inadequate escaping of input in the affected component, with an attacker (admin+ privileges) able to trigger it. The issue is classified with low to med...

CVE-2023-47181

CVE-2023-47181 affects the IdeaPush WordPress plugin (

CVE-2023-46640

CVE-2023-46640 affects the WordPress Medialist plugin by D. Relton, with a stored XSS vulnerability in versions

kernel: nvme-core: fix memory leak in dhchap_ctrl_secret

In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchapctrlsecret Free dhchapsecret in nvmectrldhchapctrlsecretstore before we return when nvmeauthgeneratekey returns error...