Lucene search
K

6608 matches found

CVE
CVE
added 2023/05/08 12:22 p.m.38 views

CVE-2023-28169

CVE-2023-28169 affects the WordPress plugin CoreFortress Easy Event calendar (versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/08 11:56 a.m.40 views

CVE-2023-23668

The CVE-2023-23668 entry concerns the WordPress GiveWP plugin, versions

6.5CVSS5.3AI score0.00386EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/08 11:56 a.m.17 views

CVE-2023-23668 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in GiveWP plugin = 2.25.1 versions...

6.5CVSS6.3AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/08 11:48 a.m.17 views

CVE-2023-25021 WordPress FareHarbor for WordPress Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/05/07 2:15 a.m.2 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +412 more potentially affected by CVE-2023-31047 via django (>=4.0.0 <=4.1.8)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =3.1.1, =3.6.4, =3.7.0 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...

9.8CVSS6.8AI score0.0138EPSS
Exploits0
CVE
CVE
added 2023/05/06 11:3 p.m.73 views

CVE-2023-24400

CVE-2023-24400 affects the WordPress plugin Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA, specifically versions

6.5CVSS5.4AI score0.00387EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/06 6:53 a.m.51 views

CVE-2023-26519

CVE-2023-26519: Admin+ authenticated stored XSS in WordPress Publish to Schedule plugin (

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/04 9:15 p.m.16 views

CVE-2023-21494

Potential buffer overflow vulnerability in auth api in mmAuthentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access...

9.8CVSS6.7AI score0.0066EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 8:35 p.m.54 views

CVE-2022-47434

CVE-2022-47434 affects PB SEO Friendly Images plugin for WordPress, versioned at or below 4.0.5. The vulnerability is described as an admin+ Stored Cross-Site Scripting (XSS) flaw arising from insufficient input handling/sanitization, enabling stored XSS via administrative context. Public exploit...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 1:15 p.m.19 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...

4.9CVSS5.2AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 1:14 p.m.36 views

CVE-2023-26012

CVE-2023-26012 is a stored XSS vulnerability in the WordPress plugin “Denzel Chia | Phire Design Custom Login Page” (plugin versions ≤ 2.0). The issue requires admin+ privileges and authenticating to trigger a stored XSS vector, potentially affecting site integrity via user input handling. Public...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:59 p.m.31 views

CVE-2023-26016

CVE-2023-26016 concerns the WordPress plugin “Simple Portfolio Gallery” by Tauhidul Alam. Affected versions are those

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/04 12:59 p.m.31 views

CVE-2023-26016 WordPress Simple Portfolio Gallery Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tauhidul Alam Simple Portfolio Gallery plugin = 0.1 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 12:0 a.m.41 views

CVE-2023-21494

The CVE-2023-21494 issue affects Samsung Shannon baseband, specifically the auth API in mm_Authentication.c. It describes a potential buffer overflow that could allow remote attackers to cause invalid memory access. The vulnerability is rooted in the Shannon baseband code prior to SMR May-2023 Re...

9.8CVSS9.5AI score0.0066EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/03 3:10 p.m.26 views

CVE-2023-23875 WordPress Bing Site Verification plugin using Meta Tag Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Himanshu Bing Site Verification plugin using Meta Tag plugin = 1.0 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 2:31 p.m.36 views

CVE-2023-23808

CVE-2023-23808 affects the WordPress Sponsors Carousel plugin for versions prior to or equal to 4.02. The issue is an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Sponsors Carousel plugin, with the root cause described as stored XSS. The available sources indicate...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 2:25 p.m.38 views

CVE-2023-23809

CVE-2023-23809 concerns a stored XSS in the WordPress plugin “Stock market charts from finviz” (plugin versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/03 1:15 p.m.20 views

CVE-2023-23708

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.4 versions...

6.5CVSS5.9AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 1:5 p.m.39 views

CVE-2023-23874

CVE-2023-23874 is a stored XSS vulnerability in the WordPress Ditty plugin (versions ≤ 3.0.32) affecting contributors. The issue is caused by an insufficient input sanitization in the plugin, allowing malicious scripts to be stored and potentially executed in user sessions. The connected sources ...

6.5CVSS5.3AI score0.00387EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 12:39 p.m.48 views

CVE-2023-23820

The CVE-2023-23820 entry concerns the WordPress ProfilePress Plugin (Membership Team) versions &lt;= 4.5.4. The vulnerability is a stored XSS that requires authentication (contributors or higher) to exploit. The available documents specify the issue as an Auth. (contributor+) Stored Cross-Site Sc...

6.5CVSS5.3AI score0.00411EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder