CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/05/23 2:15 a.m.•2 views

CVE-2023-49839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...

7.1CVSS8.5AI score0.00207EPSS

Exploits0References1

NVD•added 2024/03/26 9:15 a.m.•7 views

CVE-2023-49838

Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

4.3CVSS4.6AI score0.00245EPSS

Exploits0References7

Vulnrichment•added 2024/03/26 8:23 a.m.•11 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

4.3CVSS7.2AI score0.00245EPSS

Exploits0References7

Cvelist•added 2024/03/26 8:23 a.m.•13 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

4.3CVSS5AI score0.00245EPSS

Exploits0References7

CVE•added 2024/03/26 8:23 a.m.•59 views

CVE-2023-49838

CVE-2023-49838 : CSRF in KlbTheme themes (Clotya up to 1.1.6; Cosmetsy up to 1.7.7; Furnob up to 1.2.2; Bacola up to 1.3.3; Partdo up to 1.1.1; Medibazar up to 1.8.6; Machic up to 1.2.8). Root cause per description: missing CSRF checks in some locations, enabling unauthorized actions via forged r...

4.3CVSS8.5AI score0.00245EPSS

Exploits0References7

Cvelist•added 2024/03/26 7:57 a.m.•14 views

CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme

7.1CVSS7.2AI score0.00207EPSS

Exploits0References6

CVE•added 2024/03/26 7:57 a.m.•49 views

CVE-2023-49839

CVE-2023-49839 is a reflected XSS in KlbTheme core plugins (Cosmetsy, Partdo, Bacola, Medibazar, Furnob, Clotya) caused by improper neutralization of input during web page generation. Affected versions include Cosmetsy up to 1.3.0; Partdo up to 1.0.9; Bacola up to 1.3.3; Medibazar up to 1.2.3; Fu...

7.1CVSS8.5AI score0.00207EPSS

Exploits0References6

Vulnrichment•added 2024/03/26 7:57 a.m.•8 views

CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme

7.1CVSS6.9AI score0.00207EPSS

Exploits0References6

Patchstack•added 2023/12/06 12:0 a.m.•11 views

WordPress Partdo Theme <= 1.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Partdo Type Theme Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5e38b5d511f8 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00245EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by