Export limit exceeded: 45340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45340 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25974 1 Wp2syslog Project 1 Wp2syslog 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in psicosi448 wp2syslog plugin <= 1.0.5 versions.
CVE-2023-25972 1 Iksweb 1 Wordpress Ctapt 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in IKSWEB WordPress Старт plugin <= 3.7 versions.
CVE-2023-25964 1 Designextreme 1 We\'re Open\! 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions.
CVE-2023-25963 1 Joomsky 1 Js Job Manager 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
CVE-2023-25789 1 Tapfiliate 1 Tapfiliate 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapfiliate plugin <= 3.0.12 versions.
CVE-2023-25782 1 Plustime 1 Service Area Postcode Checker 2024-11-21 5.9 Medium
Auth. (admin+) vulnerability in Second2none Service Area Postcode Checker plugin <= 2.0.8 versions.
CVE-2023-25781 1 Upload File Type Settings Plugin Project 1 Upload File Type Settings Plugin 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sebastian Krysmanski Upload File Type Settings plugin <= 1.1 versions.
CVE-2023-25716 1 Announce From The Dashboard Project 1 Announce From The Dashboard 2024-11-21 5.9 Medium
Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gqevu6bsiz Announce from the Dashboard plugin <= 1.5.1 versions.
CVE-2023-25608 1 Fortinet 4 Fortiap, Fortiap-c, Fortiap-u and 1 more 2024-11-21 5.2 Medium
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.
CVE-2023-25491 1 Jch Optimize Project 1 Jch Optimize 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Samuel Marshall JCH Optimize plugin <= 3.2.2 versions.
CVE-2023-25483 1 Easycomingsoon 1 Easy Coming Soon 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ankit Agarwal, Priyanshu Mittal Easy Coming Soon plugin <= 2.3 versions.
CVE-2023-25477 1 Yotuwp 1 Video Gallery 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yotuwp Video Gallery plugin <= 1.3.12 versions.
CVE-2023-25476 1 Ezoic 1 Ampedsense 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ezoic AmpedSense – AdSense Split Tester plugin <= 4.68 versions.
CVE-2023-25471 1 Webcodin 1 Wcp Openweather 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions.
CVE-2023-25466 1 Mahlamusa 1 Who Hit The Page - Hit Counter 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.
CVE-2023-25459 1 Postsnippets 1 Post Snippets 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions.
CVE-2023-25456 1 Klaviyo 1 Klaviyo 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Klaviyo, Inc. Klaviyo plugin <= 3.0.7 versions.
CVE-2023-25453 1 Iansadowsky 1 Wordpress Tables 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ian Sadovy WordPress Tables plugin <= 1.3.9 versions.
CVE-2023-25442 1 Zeno Font Resizer Project 1 Zeno Font Resizer 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marcel Pol Zeno Font Resizer plugin <= 1.7.9 versions.
CVE-2023-25364 2024-11-21 6.1 Medium
Opswat Metadefender Core before 5.2.1 does not properly defend against potential HTML injection and XSS attacks.