Lucene search
K

6613 matches found

CVE
CVE
added 2023/05/03 2:31 p.m.36 views

CVE-2023-23808

CVE-2023-23808 affects the WordPress Sponsors Carousel plugin for versions prior to or equal to 4.02. The issue is an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Sponsors Carousel plugin, with the root cause described as stored XSS. The available sources indicate...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 2:25 p.m.38 views

CVE-2023-23809

CVE-2023-23809 concerns a stored XSS in the WordPress plugin “Stock market charts from finviz” (plugin versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/03 1:15 p.m.20 views

CVE-2023-23708

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.4 versions...

6.5CVSS5.9AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 1:5 p.m.39 views

CVE-2023-23874

CVE-2023-23874 is a stored XSS vulnerability in the WordPress Ditty plugin (versions ≤ 3.0.32) affecting contributors. The issue is caused by an insufficient input sanitization in the plugin, allowing malicious scripts to be stored and potentially executed in user sessions. The connected sources ...

6.5CVSS5.3AI score0.00387EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 12:39 p.m.48 views

CVE-2023-23820

The CVE-2023-23820 entry concerns the WordPress ProfilePress Plugin (Membership Team) versions <= 4.5.4. The vulnerability is a stored XSS that requires authentication (contributors or higher) to exploit. The available documents specify the issue as an Auth. (contributor+) Stored Cross-Site Sc...

6.5CVSS5.3AI score0.00411EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/03 11:15 a.m.32 views

CVE-2023-25797

Auth. Stored Cross-Site Scripting XSS vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin = 4.1.2 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 11:14 a.m.43 views

CVE-2023-22713

The CVE-2023-22713 issue affects WordPress Download Manager Gutenberg Blocks plugin (

6.5CVSS5.6AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 11:8 a.m.54 views

CVE-2023-25796

CVE-2023-25796 is a stored XSS in the WordPress plugin WP BaiDu Submit (

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 11:4 a.m.36 views

CVE-2023-25798

CVE-2023-25798 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Olevmedia Shortcodes (versions 1.1.9) to mitigate risk. Monitor for official patch details as they become publicly available.

6.5CVSS5.4AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 10:25 a.m.57 views

CVE-2023-25797

CVE-2023-25797 affects WordPress plugin vSlider Multi Image Slider for WordPress (

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 10:19 a.m.38 views

CVE-2023-25784

CVE-2023-25784 refers to an admin+ stored XSS in the WordPress plugin Sticky Ad Bar (older name variants) up to version 1.3.1. Public sources in the connected documents consistently describe the flaw as arising from inadequate sanitization/escaping of plugin settings, enabling stored XSS by high-...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 10:15 a.m.44 views

CVE-2023-25792

CVE-2023-25792 is an Authenticated Stored XSS vulnerability in the XiaoMac WP Open Social plugin (versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2023/05/01 12:0 a.m.27 views

Debian: Security Advisory (DLA-3409-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.02731EPSS
Exploits1References4
OSV
OSV
added 2023/04/30 12:0 a.m.61 views

DLA-3409-1 libapache2-mod-auth-openidc - security update

Bulletin has no description...

7.5CVSS6.6AI score0.02731EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2023/04/28 3:30 p.m.23 views

Concrete CMS (previously concrete5) is vulnerable to possible auth bypass in the jobs section

Concrete CMS previously concrete5 before 9.2 is vulnerable to possible Auth bypass in the jobs section...

3.3CVSS4.3AI score0.00755EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2023/04/28 2:15 p.m.4 views

CVE-2023-28473

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section...

3.3CVSS6.9AI score
Exploits0References3
Prion
Prion
added 2023/04/28 2:15 p.m.11 views

Design/Logic Flaw

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section...

3.2CVSS4.1AI score0.00755EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/04/28 12:0 a.m.47 views

CVE-2023-28473

Concrete CMS (formerly concrete5) versions 8.5.12 and earlier, and 9.0–9.1.3, are vulnerable to an authentication bypass in the jobs section. The issue stems from insufficient authentication checks (Job.php) and has been discussed in multiple advisories. Remediation: upgrade to version 9.2 or lat...

3.3CVSS4.1AI score0.00755EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/04/28 12:0 a.m.40 views

CVE-2023-28473

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section...

4.3AI score0.00755EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/04/28 12:0 a.m.12 views

CVE-2023-28473

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section...

7.1AI score0.00755EPSS
Exploits0References3
Rows per page
Query Builder