Export limit exceeded: 349497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45824 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24385 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 5.9 Medium |
| Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions. | ||||
| CVE-2023-24381 | 1 Nsthemes | 1 Advanced Social Pixel | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions. | ||||
| CVE-2023-24070 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-11-21 | 6.1 Medium |
| app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field. | ||||
| CVE-2023-24050 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary code via crafted string when setting the Wi-Fi password in the admin panel. | ||||
| CVE-2023-23998 | 1 E4jconnect | 1 Vikrentcar | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions. | ||||
| CVE-2023-23979 | 1 Fullworksplugins | 1 Quick Event Manager | 2024-11-21 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions. | ||||
| CVE-2023-23922 | 1 Moodle | 1 Moodle | 2024-11-21 | 6.1 Medium |
| The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks. | ||||
| CVE-2023-23921 | 1 Moodle | 1 Moodle | 2024-11-21 | 6.1 Medium |
| The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks. | ||||
| CVE-2023-23900 | 1 Yikesinc | 1 Easy Forms For Mailchimp | 2024-11-21 | 5.8 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <= 6.8.8 versions. | ||||
| CVE-2023-23884 | 1 Kanbanwp | 1 Kanban Boards For Wordpress | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions. | ||||
| CVE-2023-23881 | 1 Greentreelabs | 1 Circles Gallery | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GreenTreeLabs Circles Gallery plugin <= 1.0.10 versions. | ||||
| CVE-2023-23880 | 1 Monsterinsights | 1 Exactmetrics | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExactMetrics plugin <= 7.14.1 versions. | ||||
| CVE-2023-23877 | 1 Bkmacdaddy | 1 Pinterest Rss Widget | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in bkmacdaddy designs Pinterest RSS Widget plugin <= 2.3.1 versions. | ||||
| CVE-2023-23873 | 1 Bbspoiler Project | 1 Bbspoiler | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions. | ||||
| CVE-2023-23871 | 1 Webdzier | 1 Button | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Webdzier Button plugin <= 1.1.23 versions. | ||||
| CVE-2023-23863 | 1 Blackandwhitedigital | 1 Treepress | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions. | ||||
| CVE-2023-23833 | 1 Drop Shadow Boxes Project | 1 Drop Shadow Boxes | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions. | ||||
| CVE-2023-23831 | 1 Rating-widget | 1 Ratingwidget | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <= 3.1.9 versions. | ||||
| CVE-2023-23829 | 1 Pierre-jehan | 1 Owl Carousel | 2024-11-21 | 6.5 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pierre JEHAN Owl Carousel plugin <= 0.5.3 versions. | ||||
| CVE-2023-23826 | 1 Webmechanix | 1 Add Posts To Pages | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions. | ||||