Export limit exceeded: 349537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45829 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32497 | 1 Supersoju | 1 Block Referer Spam | 2024-11-21 | 5.1 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions. | ||||
| CVE-2023-32496 | 1 Stopbadbots | 1 Block Bad Bots And Stop Bad Bots Crawlers And Spiders And Anti Spam Protection | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin <= 7.31 versions. | ||||
| CVE-2023-32445 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | 6.1 Medium |
| This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack. | ||||
| CVE-2023-32339 | 1 Ibm | 1 Cloud Pak For Business Automation | 2024-11-21 | 6.1 Medium |
| IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 255587. | ||||
| CVE-2023-32332 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2024-11-21 | 5.4 Medium |
| IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 255072. | ||||
| CVE-2023-32300 | 1 Yoast | 1 Yoast Seo | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.8 versions. | ||||
| CVE-2023-32296 | 1 Kangu | 1 Kangu | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kangu para WooCommerce plugin <= 2.2.9 versions. | ||||
| CVE-2023-32294 | 1 Radicalwebdesign | 1 Gdpr Cookie Consent Notice Box | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin <= 1.1.6 versions. | ||||
| CVE-2023-32292 | 1 Getbutton | 1 Chat Button | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GetButton Chat Button by GetButton.Io plugin <= 1.8.9.4 versions. | ||||
| CVE-2023-32241 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin <= 5.4.8 versions. | ||||
| CVE-2023-32239 | 1 Xtemos | 1 Woodmart Theme | 2024-11-21 | 5.4 Medium |
| Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in xtemos WoodMart theme <= 7.2.1 versions. | ||||
| CVE-2023-32236 | 1 Bookingultrapro | 1 Appointments Booking Calendar | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin <= 1.1.8 versions. | ||||
| CVE-2023-32227 | 1 Synel | 2 Synergy\/a, Synergy\/a Firmware | 2024-11-21 | 9.8 Critical |
| Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials | ||||
| CVE-2023-32130 | 1 Danielpowney | 1 Multi Rating | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions. | ||||
| CVE-2023-32122 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | 5.8 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions. | ||||
| CVE-2023-32119 | 1 Wpo365 | 1 Mail Integration For Office 365 \/ Outlook | 2024-11-21 | 5.8 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin <= 1.9.0 versions. | ||||
| CVE-2023-32118 | 1 Wpoperation | 1 Salert - Fake Sales Notification Woocommerce | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPoperation SALERT – Fake Sales Notification WooCommerce plugin <= 1.2.1 versions. | ||||
| CVE-2023-32116 | 1 Totalpress | 1 Custom Post Types | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in TotalPress.Org Custom post types, Custom Fields & more plugin <= 4.0.12 versions. | ||||
| CVE-2023-32109 | 1 Eduva | 1 Albo Pretorio Online | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6.3 versions. | ||||
| CVE-2023-32108 | 1 Eduva | 1 Albo Pretorio Online | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6.3 versions. | ||||