CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 45346 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45346 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-32580	1 Wpexperts	1 Password Protected	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions.
CVE-2023-32578	1 Column-matic Project	1 Column-matic	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions.
CVE-2023-32577	1 Devbuddy	1 Twitter Feed	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin <= 4.0.0 versions.
CVE-2023-32576	1 Plainwaire	1 Locatoraid Store Locator	2024-11-21	6.5 Medium
Auth. (subscriber+) Stored Cross-Site Scripting') vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.18 versions.
CVE-2023-32575	1 Woocommerce	1 Woocommerce	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.25 versions.
CVE-2023-32516	1 Oracle	1 Restaurant Menu - Food Ordering System - Table Reservation	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.3.6 versions.
CVE-2023-32511	1 Bookingultrapro	1 Booking Ultra Pro Appointments Booking Calendar	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
CVE-2023-32510	1 Cagewebdev	1 Order Your Posts Manually	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32509	1 Cagewebdev	1 Order Your Posts Manually	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32505	1 Ciphercoin	1 Easy Hide Login	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arshid Easy Hide Login plugin <= 1.0.7 versions.
CVE-2023-32503	1 Gtmetrix	1 Gtmetrix	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.6 versions.
CVE-2023-32499	1 Netmix	1 Radio Station	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeoli, Tony Hayes Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin <= 2.4.0.9 versions.
CVE-2023-32498	1 Ays-pro	1 Easy Form	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin <= 1.2.0 versions.
CVE-2023-32497	1 Supersoju	1 Block Referer Spam	2024-11-21	5.1 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions.
CVE-2023-32496	1 Stopbadbots	1 Block Bad Bots And Stop Bad Bots Crawlers And Spiders And Anti Spam Protection	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin <= 7.31 versions.
CVE-2023-32445	1 Apple	6 Ipados, Iphone Os, Macos and 3 more	2024-11-21	6.1 Medium
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.
CVE-2023-32339	1 Ibm	1 Cloud Pak For Business Automation	2024-11-21	6.1 Medium
IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 255587.
CVE-2023-32332	1 Ibm	2 Maximo Application Suite, Maximo Asset Management	2024-11-21	5.4 Medium
IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 255072.
CVE-2023-32300	1 Yoast	1 Yoast Seo	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.8 versions.
CVE-2023-32298	1 Helgatheviking	1 Simple User Listing	2024-11-21	6.1 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kathy Darling Simple User Listing plugin <= 1.9.2 versions.

« first previous Page 1623 of 2268. next last »