Export limit exceeded: 45590 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45590 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43760 | 1 Suse | 1 Rancher | 2025-01-09 | 8.4 High |
| An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to to inject code that is executed within another user's browser, allowing the attacker to steal sensitive information, manipulate web content, or perform other malicious activities on behalf of the victims. This could result in a user with write access to the affected areas being able to act on behalf of an administrator, once an administrator opens the affected web page. This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4. | ||||
| CVE-2023-27614 | 1 Motor Racing League Project | 1 Motor Racing League | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Ian Haycox Motor Racing League plugin <= 1.9.9 versions. | ||||
| CVE-2023-23892 | 1 M Chart Project | 1 M Chart | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jamie Poitra M Chart plugin <= 1.9.4 versions. | ||||
| CVE-2022-45084 | 1 Loginizer | 1 Loginizer | 2025-01-09 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. | ||||
| CVE-2022-47158 | 1 Alfred24 Click \& Collect Project | 1 Alfred24 Click \& Collect | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pakpobox alfred24 Click & Collect plugin <= 1.1.7 versions. | ||||
| CVE-2022-47598 | 1 Wp Super Popup Project | 1 Wp Super Popup | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Plugins Pro WP Super Popup plugin <= 1.1.2 versions. | ||||
| CVE-2022-41612 | 1 Shareaholic | 1 Similar Posts | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shareaholic Similar Posts plugin <= 3.1.6 versions. | ||||
| CVE-2022-45837 | 1 Wpjam | 1 Wechat Robot | 2025-01-09 | 7.1 High |
| Reflected Cross-Site Scripting (XSS) vulnerability in Denis 微信机器人高级版 plugin <= 6.0.1 versions. | ||||
| CVE-2023-25710 | 1 Digitalblue | 1 Click To Call Or Chat Buttons | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DIGITALBLUE Click to Call or Chat Buttons plugin <= 1.4.0 versions. | ||||
| CVE-2023-27619 | 1 Machothemes | 1 Regina Lite | 2025-01-09 | 5.4 Medium |
| Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes Regina Lite theme <= 2.0.7 versions. | ||||
| CVE-2023-25490 | 1 Archivist - Custom Archive Templates Project | 1 Archivist - Custom Archive Templates | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions. | ||||
| CVE-2023-25479 | 1 Podlove | 1 Podlove Subscribe Button | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Subscribe button plugin <= 1.3.7 versions. | ||||
| CVE-2023-25484 | 1 Simple Yearly Archive Project | 1 Simple Yearly Archive | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Oliver Schlöbe Simple Yearly Archive plugin <= 2.1.8 versions. | ||||
| CVE-2022-47608 | 1 Fullworksplugins | 1 Quick Contact Form | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Contact Form plugin <= 8.0.3.1 versions. | ||||
| CVE-2023-25485 | 1 Json-content-importer | 1 Json Content Importer | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bernhard Kux JSON Content Importer plugin <= 1.3.15 versions. | ||||
| CVE-2023-25793 | 1 Link Juice Keeper Project | 1 Link Juice Keeper | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in George Pattihis Link Juice Keeper plugin <= 2.0.2 versions. | ||||
| CVE-2023-25461 | 1 Smartlogix | 1 Wp-insert | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions. | ||||
| CVE-2023-23995 | 1 Tinymce Custom Styles Project | 1 Tinymce Custom Styles | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin <= 1.1.2 versions. | ||||
| CVE-2023-23889 | 1 Fullworksplugins | 1 Quick Paypal Payments | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions. | ||||
| CVE-2023-23866 | 1 Interactive Geo Maps Project | 1 Interactive Geo Maps | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Carlos Moreira Interactive Geo Maps plugin <= 1.5.8 versions. | ||||