Lucene search
K

6611 matches found

CVE
CVE
added 2023/04/07 12:33 p.m.46 views

CVE-2023-25705

CVE-2023-25705 describes an authenticated (admin+) stored cross-site scripting vulnerability in the WordPress plugin WP Prayer (Go Prayer, WP Prayer)

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/07 12:33 p.m.25 views

CVE-2023-25705 WordPress WP Prayer Plugin <= 1.9.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Go Prayer WP Prayer plugin = 1.9.6 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2023/04/07 12:15 p.m.13 views

CVE-2023-25716

Auth admin+ Stored Cross-Site Scripting XSS vulnerability in gqevu6bsiz Announce from the Dashboard plugin = 1.5.1 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/04/07 12:15 p.m.20 views

Cross site scripting

Auth admin+ Stored Cross-Site Scripting XSS vulnerability in gqevu6bsiz Announce from the Dashboard plugin = 1.5.1 versions...

4.3CVSS4.8AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/07 11:58 a.m.14 views

CVE-2023-25716 WordPress Announce from the Dashboard Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Auth admin+ Stored Cross-Site Scripting XSS vulnerability in gqevu6bsiz Announce from the Dashboard plugin = 1.5.1 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/04/07 11:58 a.m.53 views

CVE-2023-25716

CVE-2023-25716 describes a stored XSS in the WordPress plugin Announce from the Dashboard (gqevu6bsiz) versions

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/07 11:46 a.m.18 views

CVE-2023-23885 WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...

6.5CVSS6AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2023/04/07 11:12 a.m.65 views

CVE-2023-25049

CVE-2023-25049 affects the WordPress plugin “impleCode eCommerce Product Catalog Plugin for WordPress” (versions ≤ 3.3.4). The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) issue. Public sources in connected documents consistently describe the flaw as an XSS due to ...

5.9CVSS5AI score0.00394EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/07 11:1 a.m.50 views

CVE-2023-25031

CVE-2023-25031 affects the Kiboko Labs Arigato Autoresponder and Newsletter plugin for WordPress,

5.9CVSS4.9AI score0.00394EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/07 10:46 a.m.56 views

CVE-2023-25027

CVE-2023-25027 : A stored XSS vulnerability exists in the WordPress plugin Chained Quiz (Kiboko Labs) up to version 1.3.2.5 . The issue requires admin+ authentication and is triggered via stored input in the plugin, enabling cross‑site scripting when viewed by others. The vulnerability is address...

5.9CVSS4.9AI score0.00394EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/04/07 9:15 a.m.11 views

CVE-2023-25059

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in avalex GmbH avalex – Automatically secure legal texts plugin = 3.0.3 versions...

5.9CVSS5.4AI score0.00527EPSS
Exploits0References1
CVE
CVE
added 2023/04/07 8:40 a.m.44 views

CVE-2023-25059

CVE-2023-25059 affects the avalex WordPress plugin (versions ≤ 3.0.3). The vulnerability is a Stored Cross-Site Scripting (XSS) that requires authentication with admin+ privileges and is exploitable via user interaction. The underlying issue relates to insufficient input cleanup/output escaping i...

5.9CVSS5AI score0.00527EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/07 8:35 a.m.57 views

CVE-2023-25061

CVE-2023-25061 affects Kiboko Labs Arigato Autoresponder and Newsletter plugin for WordPress (versions

6.5CVSS5.4AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/06 1:54 p.m.15 views

CVE-2023-23891 WordPress Ocean Extra Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in OceanWP Ocean Extra plugin = 2.1.1 versions. Needs the OceanWP theme installed and activated...

5.5CVSS5.4AI score0.00343EPSS
Exploits1References1
CVE
CVE
added 2023/04/06 1:54 p.m.64 views

CVE-2023-23891

The CVE-2023-23891 entry concerns the WordPress Ocean Extra plugin (OceanWP) with a Stored XSS vulnerability in versions ≤ 2.1.1 when the OceanWP theme is installed and activated. The root cause is an input handling/shortcode context that permits script injection by authenticated contributors. Af...

5.5CVSS5.2AI score0.00343EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/04/06 1:33 p.m.15 views

CVE-2023-24374 WordPress Material Design Icons for Page Builders Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Photon WP Material Design Icons for Page Builders plugin = 1.4.2 versions...

6.5CVSS6AI score0.00383EPSS
Exploits0References1
CVE
CVE
added 2023/04/06 10:57 a.m.57 views

CVE-2023-24387

WPdevart Organization chart plugin for WordPress is affected in versions

5.9CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/06 10:32 a.m.53 views

CVE-2023-24403

The CVE-2023-24403 entry describes a Stored XSS vulnerability in the WordPress bbPress Voting plugin (WP For The Win) versions

5.9CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/06 10:12 a.m.42 views

CVE-2023-24383

The CVE-2023-24383 entry affects the Kiboko Labs Namaste! LMS WordPress plugin (versions ≤ 2.5.9.1). The issue is a Stored Cross-Site Scripting (XSS) vulnerability that requires admin+ authentication to exploit. The root cause involves insufficient input handling/escaping in the plugin, enabling ...

5.9CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/06 9:15 a.m.20 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Timersys WP Popups – WordPress Popup plugin = 2.1.4.8 versions...

4.9CVSS5.2AI score0.00393EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder