CVE-2023-30477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...

CVE-2023-30477

CVE-2023-30477 describes a stored XSS in the WordPress plugin AFFILIATE Solution

CVE-2023-29097

CVE-2023-29097 is a Stored XSS vulnerability in the WordPress plugin a3 Portfolio (versions

CVE-2023-3263

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read...

Easy2Pilot 7 SQL Injection

==================================================================================================================================== | Title : Easy2Pilot V7 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendo...

Greeva 2.0 SQL Injection

==================================================================================================================================== | Title : Greeva 2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | | Vendo...

CVE-2023-38397 WordPress Gestion-Pymes Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eggemplo Gestion-Pymes plugin = 1.5.6 versions...

CVE-2023-23828 WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Swashata WP Category Post List Widget plugin = 2.0.3 versions...

CVE-2023-23828

CVE-2023-23828 affects the WordPress plugin Swashata WP Category Post List Widget (versions

CVE-2023-34374 WordPress AnsPress – Question and answer Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Rahul Aryan AnsPress plugin = 4.3.0 versions...

CVE-2023-34374

The CVE-2023-34374 entry concerns the AnsPress WordPress plugin (versions

CVE-2023-23871

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin = 2.0.0 versions...

CVE-2023-24009

Wpazure Themes Upfrontwp Theme

CVE-2023-23798 WordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Muneeb Layer Slider plugin = 1.1.9.7 versions...

Digisha CMS 1.2.7 SQL Injection

==================================================================================================================================== | Title : Digisha CMS V1.2.7 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | ...

Design/Logic Flaw

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

CVE-2023-3518 JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

CVE-2023-3518 JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

CVE-2023-3518

HashiCorp Consul and Consul Enterprise 1.16.0 had a vulnerability in JWT-based service-mesh authentication that allowed or denied access independent of service identities. The issue is fixed in version 1.16.1. No exploitation details are provided in the connected documents. Affected product/versi...