Export limit exceeded: 45921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34369 | 1 Login Configurator Project | 1 Login Configurator | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions. | ||||
| CVE-2023-34368 | 1 Kanbanwp | 1 Kanban Boards | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions. | ||||
| CVE-2023-34360 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2024-11-21 | 8.2 High |
| A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code. | ||||
| CVE-2023-34244 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.5 Medium |
| GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the crafted link. Users should upgrade to version 10.0.8 to receive a patch. | ||||
| CVE-2023-34187 | 1 Alantien | 1 Call Now Icon Animate | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Tien Call Now Icon Animate plugin <= 0.1.0 versions. | ||||
| CVE-2023-34184 | 1 Bhavikpatel | 1 Woocommerce-order-address-print | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Bhavik Patel Woocommerce Order address Print plugin <= 3.2 versions. | ||||
| CVE-2023-34183 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Valiano Unite Gallery Lite plugin <= 1.7.61 versions. | ||||
| CVE-2023-34180 | 1 Kaplugins | 1 Free-google-fonts | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in KAPlugins Google Fonts For WordPress plugin <= 3.0.0 versions. | ||||
| CVE-2023-34176 | 1 Chilexpress | 1 Chilexpress-oficial | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chilexpress Chilexpress woo oficial plugin <= 1.2.9 versions. | ||||
| CVE-2023-34175 | 1 Login Configurator Project | 1 Login Configurator | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions. | ||||
| CVE-2023-34174 | 1 Bbsetheme | 1 Bbs E-popup | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Theme BBS e-Popup plugin <= 2.4.5 versions. | ||||
| CVE-2023-34173 | 1 Yandex Metrica Counter Project | 1 Yandex Metric Counter | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alexander Semikashev Yandex Metrica Counter plugin <= 1.4.3 versions. | ||||
| CVE-2023-34172 | 1 Miled | 1 Wordpress Social Login | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions. | ||||
| CVE-2023-34123 | 1 Sonicwall | 2 Analytics, Global Management System | 2024-11-21 | 7.5 High |
| Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. | ||||
| CVE-2023-34089 | 1 Decidim | 1 Decidim | 2024-11-21 | 8.1 High |
| Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in version 0.27.3 and 0.26.7. | ||||
| CVE-2023-34032 | 1 Casier | 1 Bbpress Toolkit | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions. | ||||
| CVE-2023-34026 | 1 This Day In History Project | 1 This Day In History | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BrokenCrust This Day In History plugin <= 3.10.1 versions. | ||||
| CVE-2023-34023 | 1 Miled | 1 Wordpress Social Login | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions. | ||||
| CVE-2023-34022 | 1 Sosidee | 1 Dynamic Qr Code Generator | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Hasan Dynamic QR Code Generator plugin <= 0.0.5 versions. | ||||
| CVE-2023-34021 | 1 Church Admin Project | 1 Church Admin | 2024-11-21 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions. | ||||