Export limit exceeded: 46955 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46955 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38516 | 1 Essentialplugin | 1 Audio Player With Playlist Ultimate | 2025-02-19 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Audio Player with Playlist Ultimate plugin <= 1.2.2 versions. | ||||
| CVE-2023-36382 | 1 Jeffrey-wp | 1 Media Library Categories | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <= 2.0.0 versions. | ||||
| CVE-2023-25465 | 1 Gopiplus | 1 Wp-tell-a-friend-popup-form | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <= 7.1 versions. | ||||
| CVE-2023-31220 | 1 Wp-experts | 1 Wp-categories-widget | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <= 2.2 versions. | ||||
| CVE-2023-40206 | 1 Hwk | 1 Wp 404 Auto Redirect To Similar Post | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <= 1.0.3 versions. | ||||
| CVE-2023-30497 | 1 Simonchuang | 1 Wp Line Notify | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Simon Chuang WP LINE Notify plugin <= 1.4.4 versions. | ||||
| CVE-2023-40663 | 1 Rextheme | 1 Wp Vr | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rextheme WP VR plugin <= 8.3.4 versions. | ||||
| CVE-2023-30471 | 1 Cornelraiu | 1 Wp Search Analytics | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.7 versions. | ||||
| CVE-2023-41662 | 1 Ulfbenjaminsson | 1 Wp-dtree | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions. | ||||
| CVE-2023-41663 | 1 Undolog | 1 Wp Bannerize Pro | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions. | ||||
| CVE-2023-44479 | 1 Krillwebdesign | 1 Wp-jump-menu | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions. | ||||
| CVE-2023-41859 | 1 Tychesoftwares | 1 Order Delivery Date For Wp E-commerce | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. | ||||
| CVE-2023-44266 | 1 Wpadminify | 1 Wp Adminify | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <= 3.1.6 versions. | ||||
| CVE-2023-45747 | 1 Syedbalkhi | 1 Wp Lightbox 2 | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Syed Balkhi WP Lightbox 2 plugin <= 3.0.6.5 versions. | ||||
| CVE-2023-45769 | 1 Alexraven | 1 Wp Report Post | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions. | ||||
| CVE-2023-45770 | 1 Fastwpspeed | 1 Fast Wp Speed | 2025-02-19 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fastwpspeed Fast WP Speed plugin <= 1.0.0 versions. | ||||
| CVE-2023-46088 | 1 Paymentsplugin | 1 Wp Full Stripe Free | 2025-02-19 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology WP Full Stripe Free plugin <= 1.6.1 versions. | ||||
| CVE-2023-28435 | 1 Dataease | 1 Dataease | 2025-02-19 | 6.5 Medium |
| Dataease is an open source data visualization and analysis tool. The permissions for the file upload interface is not checked so users who are not logged in can upload directly to the background. The file type also goes unchecked, users could upload any type of file. These vulnerabilities has been fixed in version 1.18.5. | ||||
| CVE-2024-55228 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-02-19 | 9 Critical |
| A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter. | ||||
| CVE-2024-55227 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-02-19 | 9 Critical |
| A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter. | ||||