Export limit exceeded: 45631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36863 | 1 Expresstech | 1 Quiz And Survey Master | 2025-02-20 | 5.4 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | ||||
| CVE-2021-36864 | 1 Expresstech | 1 Quiz And Survey Master | 2025-02-20 | 3.4 Low |
| Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | ||||
| CVE-2022-44576 | 1 Agenteasy Properties Project | 1 Agenteasy Properties | 2025-02-20 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in AgentEasy Properties plugin <= 1.0.4 on WordPress. | ||||
| CVE-2022-44586 | 1 Am-hili Project | 1 Am-hili | 2025-02-20 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) in Ayoub Media AM-HiLi plugin <= 1.0 on WordPress. | ||||
| CVE-2022-36428 | 1 Rockcontent | 1 Rock Convert | 2025-02-20 | 4.8 Medium |
| Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Stage Rock Convert plugin <= 2.11.0 on WordPress. | ||||
| CVE-2022-30545 | 1 5-anker | 1 5 Anker Connect | 2025-02-20 | 4.8 Medium |
| Auth. Reflected Cross-Site Scripting (XSS) vulnerability in 5 Anker Connect plugin <= 1.2.6 on WordPress. | ||||
| CVE-2022-36357 | 1 Webpsilon | 1 Ultimate Tables | 2025-02-20 | 6.1 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webpsilon ULTIMATE TABLES plugin <= 1.6.5 versions. | ||||
| CVE-2024-2779 | 1 Campcodes | 1 Online Marriage Registration System | 2025-02-20 | 3.5 Low |
| A vulnerability was found in Campcodes Online Marriage Registration System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/application-bwdates-reports-details.php. The manipulation of the argument fromdate leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257613 was assigned to this vulnerability. | ||||
| CVE-2024-2780 | 1 Campcodes | 1 Online Marriage Registration System | 2025-02-20 | 3.5 Low |
| A vulnerability was found in Campcodes Online Marriage Registration System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257614 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-43614 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-22705 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Collne Inc. Welcart e-Commerce plugin <= 2.8.10 versions. | ||||
| CVE-2023-41962 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page. | ||||
| CVE-2023-43484 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-41233 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||||
| CVE-2021-20734 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | ||||
| CVE-2023-5951 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 6.1 Medium |
| The Welcart e-Commerce WordPress plugin before 2.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||||
| CVE-2024-2775 | 1 Campcodes | 1 Online Marriage Registration System | 2025-02-20 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.0. This issue affects some unknown processing of the file /user/user-profile.php. The manipulation of the argument lname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257609 was assigned to this vulnerability. | ||||
| CVE-2024-2778 | 1 Campcodes | 1 Online Marriage Registration System | 2025-02-20 | 3.5 Low |
| A vulnerability was found in Campcodes Online Marriage Registration System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257612. | ||||
| CVE-2024-4797 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 3.5 Low |
| A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ajax.php. The manipulation of the argument name/customer_name/username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263896. | ||||
| CVE-2024-28112 | 1 Peering-manager | 1 Peering Manager | 2025-02-20 | 6.1 Medium |
| Peering Manager is a BGP session management tool. Affected versions of Peering Manager are subject to a potential stored Cross-Site Scripting (XSS) attack in the `name` attribute of AS or Platform. The XSS triggers on a routers detail page. Adversaries are able to execute arbitrary JavaScript code with the permission of a victim. XSS attacks are often used to steal credentials or login tokens of other users. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||