Export limit exceeded: 344062 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45340 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28415 | 1 Xootix | 1 Side Cart Woocommerce | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions. | ||||
| CVE-2023-28332 | 1 Moodle | 1 Moodle | 2024-11-21 | 6.1 Medium |
| If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk. | ||||
| CVE-2023-28174 | 1 Elightup | 1 Erocket | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in eLightUp eRocket plugin <= 1.2.4 versions. | ||||
| CVE-2023-28171 | 1 Wpchill | 1 Brilliance | 2024-11-21 | 5.4 Medium |
| Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Chill Brilliance theme <= 1.3.1 versions. | ||||
| CVE-2023-28166 | 1 Tags Cloud Manager Project | 1 Tags Cloud Manager | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Kadiwala Tags Cloud Manager plugin <= 1.0.0 versions. | ||||
| CVE-2023-28025 | 1 Hcltech | 1 Bigfix Modern Client Management | 2024-11-21 | 6.6 Medium |
| Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage. | ||||
| CVE-2023-28014 | 1 Hcltech | 1 Bigfix Mobile | 2024-11-21 | 6.6 Medium |
| HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application. | ||||
| CVE-2023-28013 | 1 Hcltech | 1 Verse | 2024-11-21 | 6.5 Medium |
| HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. By tricking a user into entering crafted markup a remote, unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information. | ||||
| CVE-2023-27890 | 1 Export User Project | 1 Export User | 2024-11-21 | 5.4 Medium |
| The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-27636 | 1 Progress | 1 Sitefinity | 2024-11-21 | 6.5 Medium |
| Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor. | ||||
| CVE-2023-27631 | 1 Mmrs151 | 1 Daily Prayer Time | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.05.04 versions. | ||||
| CVE-2023-27629 | 1 Geminilabs | 1 Site Reviews | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plugin <= 6.5.1 versions. | ||||
| CVE-2023-27628 | 1 Sitekit Project | 1 Sitekit | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Webvitaly Sitekit plugin <= 1.3 versions. | ||||
| CVE-2023-27627 | 1 Eggemplo | 1 Woocommerce Email Report | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions. | ||||
| CVE-2023-27624 | 1 Redirect After Login Project | 1 Redirect After Login | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcelotorres Redirect After Login plugin <= 0.1.9 versions. | ||||
| CVE-2023-27622 | 1 Guruwalk | 1 Guruwalk Affiliates | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abel Ruiz GuruWalk Affiliates plugin <= 1.0.0 versions. | ||||
| CVE-2023-27621 | 1 Mrdemonwolf | 1 Livestream Notice | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MrDemonWolf Livestream Notice plugin <= 1.2.0 versions. | ||||
| CVE-2023-27618 | 1 Agilelogix | 1 Store Locator | 2024-11-21 | 5.9 Medium |
| Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in AGILELOGIX Store Locator WordPress plugin <= 1.4.9 versions. | ||||
| CVE-2023-27617 | 1 Carrcommunications | 1 Rsvpmaker | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin <= 10.6.6 versions. | ||||
| CVE-2023-27616 | 1 Carrcommunications | 1 Rsvpmaker | 2024-11-21 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin <= 10.6.6 versions. | ||||