6605 matches found

Cvelist
added 2023/08/23 1:48 p.m., 20 views

CVE-2023-32498 WordPress Easy Form by AYS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin <= 1.2.0 versions...

CVSS 5.9 | AI score 5.5 | EPSS 0.00369
Exploits: 0 | References: 1

CVE
added 2023/08/23 1:48 p.m., 40 views

CVE-2023-32498

CVE-2023-32498: WordPress plugin Easy Form by AYS, affected versions ≤ 1.2.0, suffers a stored XSS vulnerability that requires administrator privileges. Patch available in version 1.2.1; update to 1.2.1 or later to fix.

CVSS 5.9 | AI score 5 | EPSS 0.00369
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2023/08/22 7:16 p.m., 1 views

DEBIAN-CVE-2022-48547

A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at authchangepassword.php...

CVSS 6.1 | AI score 6.1 | EPSS 0.00719
Exploits: 1 | References: 1

OSV
added 2023/08/22 7:16 p.m., 6 views

UBUNTU-CVE-2022-48547

A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at authchangepassword.php...

CVSS 6.1 | AI score 5.8 | EPSS 0.00719
Exploits: 1 | References: 3

CNNVD
added 2023/08/22 12:0 a.m., 2 views

Cacti Cross-Site Scripting Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A cross-site scripting vulnerability exists in Cacti 0.8.7g and earlier...

CVSS 6.1 | AI score 6.1 | EPSS 0.00719
Exploits: 1 | References: 2

Packet Storm
added 2023/08/22 12:0 a.m., 263 views

Fluent CMS 1.0.0 SQL Injection

Title: Fluent CMS V 1.0.0 Auth by pass Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 77.0.132-bit | ...

AI score 7.1
Exploits: 0

GithubExploit
added 2023/08/19 11:47 a.m., 504 views

Exploit for CVE-2023-38646

Metabase Metabase is an open source business intelligence tool...

CVSS 9.8 | AI score 9.9 | EPSS 0.97924
Exploits: 36

CVE
added 2023/08/18 3:5 p.m., 38 views

CVE-2023-32130

CVE-2023-32130 affects WordPress Multi Rating Plugin prior to or at version 5.0.6. It is a Stored Cross-Site Scripting (XSS) vulnerability in the plugin’s settings exposed to authenticated administrators. The CVSS vectors in the initial entry show a low-to-medium base impact with user interaction...

CVSS 5.9 | AI score 5 | EPSS 0.00369
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2023/08/18 2:57 p.m., 56 views

CVE-2023-29387

CVE-2023-29387 affects the WordPress plugin Manager for Icomoon (Julien Crego) with a Stored Cross-Site Scripting (XSS) vulnerability in versions ≤ 2.0, exploitable by users with contributor+ permissions. Multiple sources corroborate a fix in version 2.2; update to >2.0 (ideally 2.2 or later) ...

CVSS 6.5 | AI score 5.5 | EPSS 0.0037
Exploits: 0 | References: 1 | Affected Software: 1

Huntr
added 2023/08/18 11:54 a.m., 8 views

Important Cookie without Secure flag

Description Cookie accessToken is without Secure flag. Mentioned cookie is responsible for user auth. Proof of Concept Repro steps: As logged in user https://app.vrite.io/ open DevTools and check Cookies table, get value of accessToken cookie. Open other browser, go to app.vrite.io site, open...

AI score 6.9
Exploits: 0 | References: 1

Cvelist
added 2023/08/17 9:19 p.m., 17 views

CVE-2023-28690 WordPress WP BrowserUpdate Plugin <= 4.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.5 versions...

CVSS 5.9 | AI score 5.5 | EPSS 0.00369
Exploits: 0 | References: 1

CVE
added 2023/08/17 2:31 p.m., 40 views

CVE-2023-31079

CVE-2023-31079 affects the WordPress Tippy plugin 6.2.1 and earlier (

CVSS 6.5 | AI score 5.5 | EPSS 0.00358
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2023/08/16 9:56 a.m., 24 views

CVE-2023-30784 WordPress Kaya QR Code Generator Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions...

CVSS 6.5 | AI score 6.1 | EPSS 0.00358
Exploits: 0 | References: 1

Vulnrichment
added 2023/08/15 12:40 p.m., 13 views

CVE-2023-30778 WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions...

CVSS 5.5 | AI score 5.6 | EPSS 0.00344
Exploits: 0 | References: 1

CVE
added 2023/08/15 12:40 p.m., 46 views

CVE-2023-30778

CVE-2023-30778 is a stored XSS vulnerability in the Blubrry PowerPress Podcasting plugin for WordPress, affecting versions ≤ 10.0.1. The flaw arises from how user-supplied data can be stored and later reflected in output (stored XSS via shortcode), potentially enabling an attacker with contributo...

CVSS 5.5 | AI score 5.2 | EPSS 0.00344
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2023/08/15 12:0 a.m., 88 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : MySQL vulnerabilities (USN-6288-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6288-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has...

CVSS 5.9 | AI score 6.9 | EPSS 0.01594
Exploits: 0 | References: 12

CVE
added 2023/08/14 2:45 p.m., 50 views

CVE-2023-30752

The CVE-2023-30752 entry concerns the WordPress External Videos plugin and is documented as an authentication‑required Stored XSS in versions <= 2.0.1. Affected component: External Videos plugin; root cause: insufficient input filtering/escaping that allows stored script execution when an admi...

CVSS 5.9 | AI score 4.9 | EPSS 0.00369
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2023/08/14 2:39 p.m., 44 views

CVE-2023-30751

CVE-2023-30751 affects the WordPress plugin Article Directory Redux (iControlWP Article Directory Redux) versions ≤ 1.0.2. It is described as an Authenticated Stored XSS vulnerability that an administrator can exploit via the plugin’s input handling. Impact is characterized as low for confidentia...

CVSS 5.9 | AI score 5 | EPSS 0.00369
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2023/08/14 2:39 p.m., 11 views

CVE-2023-30751 WordPress Article Directory Redux Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions...

CVSS 5.9 | AI score 5.6 | EPSS 0.00369
Exploits: 0 | References: 1

NVD
added 2023/08/14 2:15 p.m., 28 views

CVE-2023-30477

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions...

CVSS 5.9 | AI score 5.4 | EPSS 0.00366
Exploits: 0 | References: 1