CVEs from 2023
Total
6,110
critical
critical 239
high
high 1,527
medium
medium 1,390
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-31231 | medium | 6.5 | 6.5 | 3y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elemen… | |||
| CVE-2023-30872 | medium | 6.5 | 6.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2. | |||
| CVE-2023-46311 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | |||
| CVE-2023-41796 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Gallerie… | |||
| CVE-2023-25715 | medium | 6.5 | 6.5 | 3y ago | Missing Authorization vulnerability in GamiPress GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress.This issue affects GamiPress – The #1 gamification … | |||
| CVE-2023-47558 | medium | 6.5 | 6.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mahlamusa Who Hit The Page – Hit Counter allows SQL Injection.This issue affects Who Hit The Page… | |||
| CVE-2023-37868 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0. | |||
| CVE-2023-26533 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1. | |||
| CVE-2023-48333 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce.This issue affects Booster for WooCommerce: from n/a through 7.1.1. | |||
| CVE-2023-41239 | medium | 6.5 | 6.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6. | |||
| CVE-2023-23800 | medium | 6.5 | 6.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6. | |||
| CVE-2023-23684 | medium | 6.5 | 6.5 | 3y ago | WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF) | |||
| CVE-2023-4527 | medium | 6.5 | 6.5 | 3y ago | RHSA-2023:5455: glibc security update (Important) | |||
| CVE-2023-36897 | medium | 6.5 | 6.5 | 3y ago | Visual Studio Tools for Office Runtime Spoofing Vulnerability | |||
| CVE-2023-33151 | medium | 6.5 | 6.5 | 3y ago | Microsoft Outlook Spoofing Vulnerability | |||
| CVE-2023-25136 | medium | 6.5 | 6.5 | 3y ago | OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote a… | |||
| CVE-2023-29237 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n… | |||
| CVE-2023-27449 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6. | |||
| CVE-2023-31234 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in Tilda Publishing.This issue affects Tilda Publishing: from n/a through 0.3.23. | |||
| CVE-2023-23450 | medium | 6.2 | 6.2 | 3y ago | Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote a… | |||
| CVE-2023-42345 | medium | 6.1 | 6.1 | 29d ago | Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp | |||
| CVE-2023-42343 | medium | 6.1 | 6.1 | 29d ago | Alkacon OpenCms is vulnerable to XSS via cmis-online/type | |||
| CVE-2023-54349 | medium | 6.1 | 6.1 | 1mo ago | AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Att… | |||
| CVE-2023-53900 | medium | 6.1 | 6.1 | 6mo ago | Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo … | |||
| CVE-2023-40000 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from… | |||
| CVE-2023-6047 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS. This issue affects E-commerce Software: befo… | |||
| CVE-2023-34020 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. | |||
| CVE-2023-33322 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n… | |||
| CVE-2023-50905 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through … | |||
| CVE-2023-51533 | medium | 6.1 | 6.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a through 6.12.4. | |||
| CVE-2023-51488 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue af… | |||
| CVE-2023-6673 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS. This issue affects CyberMa… | |||
| CVE-2023-51509 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Log… | |||
| CVE-2023-51540 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kunal Nagar Custom 404 Pro allows Stored XSS.This issue affects Custom 404 Pro: from n/a through … | |||
| CVE-2023-7153 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Macroturk Software and Internet Technologies Macro-Bel allows Reflected XSS. This issue affects … | |||
| CVE-2023-52196 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel:… | |||
| CVE-2023-52213 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.… | |||
| CVE-2023-50893 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue af… | |||
| CVE-2023-50892 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.Th… | |||
| CVE-2023-51373 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Googl… | |||
| CVE-2023-50901 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega… | |||
| CVE-2023-32517 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin … | |||
| CVE-2023-32101 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pexle Chris Library Viewer.This issue affects Library Viewer: from n/a through 2.0.6. | |||
| CVE-2023-31237 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.9. | |||
| CVE-2023-31229 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Directory Kit.This issue affects WP Directory Kit: from n/a through 1.1.9. | |||
| CVE-2023-31095 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot a… | |||
| CVE-2023-28786 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SolidWP Solid Security – Password, Two Factor Authentication, and Brute Force Protection.This issue affects Solid Security – Passw… | |||
| CVE-2023-51501 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Un… | |||
| CVE-2023-4672 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255. | |||
| CVE-2023-6122 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in İstanbul Soft Informatics and Consultancy Limited Company Softomi Gelişmiş C2C Pazaryeri Yazılımı… | |||
| CVE-2023-5989 | medium | 6.1 | 6.1 | 3y ago | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies' LioXERP allows an authenticated user to execute … | |||
| CVE-2023-5988 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Reflected XSS. This issue affects Li… | |||
| CVE-2023-46624 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.This issue affects Parcel Pro: from n/a through 1.6.11. | |||
| CVE-2023-37982 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesf… | |||
| CVE-2023-35883 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12. | |||
| CVE-2023-45105 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin.This issue affects affiliate-toolkit – WordPress Affiliat… | |||
| CVE-2023-41648 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3. | |||
| CVE-2023-40602 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49. | |||
| CVE-2023-38481 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerc… | |||
| CVE-2023-38478 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a throu… | |||
| CVE-2023-50376 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smp7, wp.Insider Simple Membership allows Reflected XSS.This issue affects Simple Membership: fro… | |||
| CVE-2023-49187 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spoonthemes Adifier - Classified Ads WordPress Theme allows Reflected XSS.This issue affects Adif… | |||
| CVE-2023-49185 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder WP & WooCommerce Search allows Reflected XSS.This issue affects Doofinder WP … | |||
| CVE-2023-49183 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects Next… | |||
| CVE-2023-49182 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fabio Marzocca List all posts by Authors, nested Categories and Titles allows Reflected XSS.This … | |||
| CVE-2023-49178 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr. Hdwplayer HDW Player Plugin (Video Player & Video Gallery) allows Reflected XSS.This issue af… | |||
| CVE-2023-49177 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gilles Dumas which template file allows Reflected XSS.This issue affects which template file: fro… | |||
| CVE-2023-49176 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeRevolution WP Pocket URLs allows Reflected XSS.This issue affects WP Pocket URLs: from n/a th… | |||
| CVE-2023-49170 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captainform Forms by CaptainForm – Form Builder for WordPress allows Reflected XSS.This issue aff… | |||
| CVE-2023-48771 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.This issue affects File Gallery: from n/a t… | |||
| CVE-2023-48767 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raghu Goriya MyTube PlayList allows Reflected XSS.This issue affects MyTube PlayList: from n/a th… | |||
| CVE-2023-48756 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elemento… | |||
| CVE-2023-49813 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo A… | |||
| CVE-2023-49771 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue … | |||
| CVE-2023-49766 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.This issue affects Ultimate Addons … | |||
| CVE-2023-49172 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BrainCert BrainCert – HTML5 Virtual Classroom allows Reflected XSS.This issue affects BrainCert –… | |||
| CVE-2023-49171 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs Innovs HR – Complete Human Resource Management System for Your Business allows Reflecte… | |||
| CVE-2023-49827 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflecte… | |||
| CVE-2023-49740 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.This issue affects Seraphinite… | |||
| CVE-2023-47548 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Yo… | |||
| CVE-2023-45762 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7. | |||
| CVE-2023-48325 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page B… | |||
| CVE-2023-47779 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks. Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for… | |||
| CVE-2023-48752 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments … | |||
| CVE-2023-48748 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme nectar Salient Core allows Reflected XSS.This issue affects Salient Core: from n/a through … | |||
| CVE-2023-48746 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Refle… | |||
| CVE-2023-48278 | medium | 6.1 | 6.1 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1. | |||
| CVE-2023-48272 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yonifre Maspik – Spam Blacklist allows Stored XSS.This issue affects Maspik – Spam Blacklist: fro… | |||
| CVE-2023-47876 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perfmatters allows Reflected XSS.This issue affects Perfmatters: from n/a through 2.1.6. | |||
| CVE-2023-47848 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Reflected XSS.This issue affects Tainacan: from n/a through 0.20.4. | |||
| CVE-2023-47844 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lim Kai Yang Grab & Save allows Reflected XSS.This issue affects Grab & Save: from n/a through 1.… | |||
| CVE-2023-47521 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond, AndreSC Q2W3 Post Order allows Reflected XSS.This issue affects Q2W3 Post Order: from n… | |||
| CVE-2023-38400 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - R… | |||
| CVE-2023-46086 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin allows Reflected XSS.Thi… | |||
| CVE-2023-38474 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign … | |||
| CVE-2023-48326 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite Events Manager allows Reflected XSS.This issue affects Events Manager: from n/a through … | |||
| CVE-2023-48322 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eDoc Intelligence eDoc Employee Job Application – Best WordPress Job Manager for Employees allows… | |||
| CVE-2023-48743 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Menard Simply Exclude allows Reflected XSS.This issue affects Simply Exclude: from n/a throu… | |||
| CVE-2023-4406 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS. This issue affects E-Commerce Software: throu… | |||
| CVE-2023-28621 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishfulthemes Raise Mag, Wishfulthemes Wishful Blog themes allows Reflected XSS.This issue affect… |