Export limit exceeded: 344069 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45340 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29024 | 1 Rockwellautomation | 4 Armorstart St 281e, Armorstart St 281e Firmware, Armorstart St 284ee and 1 more | 2024-11-21 | 5.5 Medium |
| A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability. | ||||
| CVE-2023-29023 | 1 Rockwellautomation | 4 Armorstart St 281e, Armorstart St 281e Firmware, Armorstart St 284ee and 1 more | 2024-11-21 | 7 High |
| A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability. | ||||
| CVE-2023-29009 | 1 Basercms | 1 Basercms | 2024-11-21 | 6.1 Medium |
| baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0. | ||||
| CVE-2023-28994 | 1 Uxthemes | 1 Flatsome | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <= 3.16.8 versions. | ||||
| CVE-2023-28992 | 1 Relywp | 1 Coupon Affiliates | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin <= 5.4.3 versions. | ||||
| CVE-2023-28991 | 1 Piwebsolution | 1 Pi-woocommerce-order-date-time-and-type | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions. | ||||
| CVE-2023-28988 | 1 Piwebsolution | 1 Add-to-cart-direct-checkout-for-woocommerce | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions. | ||||
| CVE-2023-28933 | 1 Stpetedesign | 1 Call Now Accessibility Button | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StPeteDesign Call Now Accessibility Button plugin <= 1.1 versions. | ||||
| CVE-2023-28931 | 1 Never5 | 1 Post Connector | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions. | ||||
| CVE-2023-28884 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-11-21 | 6.1 Medium |
| In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index. | ||||
| CVE-2023-28875 | 1 Afian | 1 Filerun | 2024-11-21 | 5.4 Medium |
| A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows attackers to inject JavaScript code that is executed when a user follows the crafted share link. | ||||
| CVE-2023-28873 | 1 Seafile | 1 Seafile | 2024-11-21 | 5.4 Medium |
| An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor. | ||||
| CVE-2023-28819 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 3.5 Low |
| Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 through 9.0.2 is vulnerable to Stored XSS in uploaded file and folder names. | ||||
| CVE-2023-28790 | 1 Simple Staff List Project | 1 Simple Staff List | 2024-11-21 | 5.9 Medium |
| Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Brett Shumaker Simple Staff List plugin <= 2.2.3 versions. | ||||
| CVE-2023-28785 | 1 Yoast | 1 Yoast Seo | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.9 versions. | ||||
| CVE-2023-28784 | 1 Contest-gallery | 1 Contest Gallery | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 21.1.2 versions. | ||||
| CVE-2023-28783 | 1 Phpradar | 1 Woocommerce Tip\/donation | 2024-11-21 | 5.9 Medium |
| Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions. | ||||
| CVE-2023-28779 | 1 Simplecoding | 1 Terms Descriptions | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vladimir Statsenko Terms descriptions plugin <= 3.4.4 versions. | ||||
| CVE-2023-28778 | 1 Bestwebsoft | 1 Pagination | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions. | ||||
| CVE-2023-28776 | 1 I13websolution | 1 Continuous Image Carousel With Lightbox | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions. | ||||