Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2673 matches found

Patchstack
Patchstackadded 2023/08/11 12:0 a.m.8 views

WordPress WP Like Button Plugin <= 1.7.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Like Button Type Plugin Vulnerable versions = 1.7.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40199 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d2b8e4fea138 Credits Abdi Pranata Required...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2023/08/10 11:15 a.m.4 views

CVE-2023-23871

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

4.8CVSS7.3AI score0.00366EPSS
Exploits0References1
NVD
NVDadded 2023/08/10 11:15 a.m.23 views

CVE-2023-23871

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

5.9CVSS5.4AI score0.00366EPSS
Exploits0References1
Prion
Prionadded 2023/08/10 11:15 a.m.13 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

4.3CVSS4.8AI score0.00366EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/10 10:35 a.m.14 views

CVE-2023-23871 WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

5.9CVSS5.6AI score0.00366EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/08/10 10:35 a.m.23 views

CVE-2023-23871 WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...

5.9CVSS5.5AI score0.00366EPSS
Exploits0References1
CVE
CVEadded 2023/08/10 10:35 a.m.42 views

CVE-2023-23871

CVE-2023-23871 affects the WordPress Button (Webdzier Button) plugin

5.9CVSS5AI score0.00366EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/08/10 12:0 a.m.3 views

PT-2023-19270 · Unknown · Webdzier Button

Name of the Vulnerable Software and Affected Versions: Webdzier Button plugin versions = 1.1.23 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects the Webdzier Button plugin...

5.9CVSS5.3AI score0.00366EPSS
Exploits0References5
WPVulnDB
WPVulnDBadded 2023/08/09 12:0 a.m.12 views

Chat Button < 1.8.10 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.4AI score0.00316EPSS
Exploits0Affected Software1
OSV
OSVadded 2023/08/08 1:15 p.m.2 views

CVE-2023-32292

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GetButton Chat Button by GetButton.Io plugin = 1.8.9.4 versions...

4.8CVSS7.3AI score0.00316EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/08/08 12:55 p.m.9 views

CVE-2023-32292 WordPress Chat Button Plugin <= 1.8.9.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GetButton Chat Button by GetButton.Io plugin = 1.8.9.4 versions...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/08/08 12:55 p.m.16 views

CVE-2023-32292 WordPress Chat Button Plugin <= 1.8.9.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GetButton Chat Button by GetButton.Io plugin = 1.8.9.4 versions...

5.9CVSS5.5AI score0.00316EPSS
Exploits0References1
CVE
CVEadded 2023/08/08 12:55 p.m.64 views

CVE-2023-32292

The CVE-2023-32292 entry concerns the WordPress Chat Button plugin by GetButton.Io (versions

5.9CVSS5.1AI score0.00316EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/08/08 12:0 a.m.3 views

PT-2023-23705 · Getbutton.Io · Getbutton Chat Button

Name of the Vulnerable Software and Affected Versions: GetButton Chat Button by GetButton.Io plugin versions 1.8.9.4 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin privileges can inject...

5.9CVSS5.3AI score0.00316EPSS
Exploits0References4
WPVulnDB
WPVulnDBadded 2023/08/07 12:0 a.m.14 views

CodeBard's Patron Button and Widgets for Patreon < 2.1.9 - Reflected XSS

Description The plugin does not sanitise and escape the siteaccount parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
NVD
NVDadded 2023/08/05 11:15 p.m.13 views

CVE-2023-30491

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin = 2.1.8 versions...

7.1CVSS6.3AI score0.00331EPSS
Exploits0References1
Prion
Prionadded 2023/08/05 11:15 p.m.33 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin = 2.1.8 versions...

5.8CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/05 10:35 p.m.17 views

CVE-2023-30491 WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin = 2.1.8 versions...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/08/05 10:35 p.m.20 views

CVE-2023-30491 WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin = 2.1.8 versions...

7.1CVSS6.4AI score0.00331EPSS
Exploits0References1
CVE
CVEadded 2023/08/05 10:35 p.m.54 views

CVE-2023-30491

CVE-2023-30491 is an unauthenticated reflected XSS in CodeBard's Patron Button and Widgets for Patreon WordPress plugin (versions

7.1CVSS6.1AI score0.00331EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder