| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php. |
| SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications. |
| Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications. |
| Cross Site Scripting (XSS) in Search filters in Prestashop Amazzing filter version up to version 3.2.5, allows remote attackers to inject arbitrary JavaScript code. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.26 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master plugin <= 8.1.13 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress plugin <= 0.18.3 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in assorted[chips] DrawIt (draw.Io) plugin <= 1.1.3 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codez Quick Call Button plugin <= 1.2.9 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jannis Thuemmig Email Encoder plugin <= 2.1.8 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.10.13 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.13 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Venutius BP Profile Shortcodes Extra plugin <= 2.5.2 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Waterloo Plugins BMI Calculator Plugin plugin <= 1.0.3 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grandslambert Better RSS Widget plugin <= 2.8.1 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns plugin <= 1.6.1 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh KUMAR Mukhiya Anywhere Flash Embed plugin <= 1.0.5 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asdqwe Dev Ajax Domain Checker plugin <= 1.3.0 versions. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Accordion plugin <= 2.6 versions. |
