CVE-2023-40206
Summary: CVE-2023-40206 is an authenticated stored XSS vulnerability in the hwk-fr WP 404 Auto Redirect to Similar Post plugin (
CVE-2023-37393
CVE-2023-37393 is a stored XSS vulnerability in the WordPress plugin Atarim Visual Website Collaboration, Feedback & Project Management – Atarim (versions 3.9.3 (Patchstack notes fixed in 3.9.4). If upgrading is not immediately possible, apply mitigations per vendor guidance and monitor for upda...
CVE-2023-37393 WordPress Atarim Plugin <= 3.9.3 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions...
CVE-2023-39987
CVE-2023-39987 is an authenticated stored XSS in the WordPress wSecure Lite plugin (
CVE-2023-36382
CVE-2023-36382 corresponds to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Jeffrey-WP Media Library Categories (versions ≤ 2.0.0). The issue arises from an input/output handling flaw in the plugin’s category functionality, enabling an admin+ caller to i...
CVE-2023-38476
CVE-2023-38476: Auth. (admin+) Stored XSS in the WordPress plugin “SuiteDash Direct Login” for SuiteDash :: ONE Dashboard Client Portal, affected
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been describe...
CVE-2023-34011 WordPress ShopConstruct Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions...
CVE-2023-25042
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy Storm Consultancy oAuth Twitter Feed for Developers plugin <= 2.3.0 versions...
CVE-2023-37986
CVE-2023-37986 affects the miniOrange YourMembership Single Sign On (YM SSO) Login WordPress plugin, versions
CVE-2023-25488
CVE-2023-25488 applies to the WordPress plugin WP Default Feature Image. The connected sources describe a Stored Cross-Site Scripting (XSS) vulnerability that affects versions up to and including 1.0.1.1. The root cause is an input/processing flaw in the plugin’s default feature image handling ...
CVE-2023-25044
CVE-2023-25044 affects the WordPress plugin Sumo Social Share Boost (versions
CVE-2023-24412
CVE-2023-24412 describes a stored XSS vulnerability in the Web-Settler Image Social Feed WordPress plugin up to version 1.7.6, requiring admin+ authentication to exploit. The issue is associated with the Image Social Feed/“add-instagram” plugin and is documented across multiple sources (NVD/Red H...
CVE-2023-25477
CVE-2023-25477 is a stored XSS in the WordPress plugin Yotuwp Video Gallery (versions
CVE-2023-35094
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Berthelot / MPEmbed WP Matterport Shortcode plugin <= 2.1.4 versions...
Cross site scripting
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Berthelot / MPEmbed WP Matterport Shortcode plugin <= 2.1.4 versions...
CVE-2023-27621
CVE-2023-27621 affects the WordPress Livestream Notice plugin (MrDemonWolf Livestream Notice) with versions
CVE-2023-24401
CVE-2023-24401 is a Stored XSS vulnerability in the WordPress plugin Davidsword Mobile Call Now & Map Buttons (versions
CVE-2023-28415
The CVE-2023-28415 entry concerns the WordPress Side Cart Woocommerce (Ajax) plugin (Admin+ stored XSS). Affected versions are
CVE-2023-28692 WordPress WP Abstracts Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.3 versions...