Total
38501 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23858 | 1 Sap | 1 Netweaver Application Server Abap | 2024-11-21 | N/A | 6.1 MEDIUM |
| Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and might be directed with the response to somewhere out-side SAP and enter sensitive data. This could cause a limited impact on confidentiality and integrity of the application. | |||||
| CVE-2023-23856 | 1 Sap | 1 Business Objects Business Intelligence Platform | 2024-11-21 | N/A | 4.3 MEDIUM |
| In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS attacks. On successful exploitation an attacker can cause a low impact on integrity of the application. | |||||
| CVE-2023-23852 | 1 Sap | 1 Solution Manager | 2024-11-21 | N/A | 6.1 MEDIUM |
| SAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2023-23833 | 1 Drop Shadow Boxes Project | 1 Drop Shadow Boxes | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions. | |||||
| CVE-2023-23832 | 1 Ultimate Wp Query Search Filter Project | 1 Ultimate Wp Query Search Filter | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in TC Ultimate WP Query Search Filter plugin <= 1.0.10 versions. | |||||
| CVE-2023-23831 | 1 Rating-widget | 1 Ratingwidget | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <= 3.1.9 versions. | |||||
| CVE-2023-23830 | 1 Properfraction | 1 Profilepress | 2024-11-21 | N/A | 7.1 HIGH |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions. | |||||
| CVE-2023-23829 | 1 Pierre-jehan | 1 Owl Carousel | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pierre JEHAN Owl Carousel plugin <= 0.5.3 versions. | |||||
| CVE-2023-23828 | 1 Swas | 1 Wp Category Post List | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Swashata WP Category Post List Widget plugin <= 2.0.3 versions. | |||||
| CVE-2023-23827 | 1 Google Maps V3 Shortcode Project | 1 Google Maps V3 Shortcode | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Google Maps v3 Shortcode plugin <= 1.2.1 versions. | |||||
| CVE-2023-23826 | 1 Webmechanix | 1 Add Posts To Pages | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions. | |||||
| CVE-2023-23822 | 1 Utm Tracker Project | 1 Utm Tracker | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludwig Media UTM Tracker plugin <= 1.3.1 versions. | |||||
| CVE-2023-23821 | 1 Interactive Polish Map Project | 1 Interactive Polish Map | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcin Pietrzak Interactive Polish Map plugin <= 1.2 versions. | |||||
| CVE-2023-23820 | 1 Properfraction | 1 Profilepress | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions. | |||||
| CVE-2023-23819 | 1 Itemprop Wp For Serp\/seo Rich Snippets Project | 1 Itemprop Wp For Serp\/seo Rich Snippets | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rolands Umbrovskis itemprop WP for SERP/SEO Rich snippets plugin <= 3.5.201706131 versions. | |||||
| CVE-2023-23818 | 1 Aviplugins | 1 Wp Register Profile With Shortcode | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin <= 3.5.7 versions. | |||||
| CVE-2023-23817 | 1 Simple Pdf Viewer Project | 1 Simple Pdf Viewer | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contrinbutor+) Cross-Site Scripting (XSS) vulnerability in WebArea | Vera Nedvyzhenko Simple PDF Viewer plugin <= 1.9 versions. | |||||
| CVE-2023-23816 | 1 Sitemap Index Project | 1 Sitemap Index | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Twardes Sitemap Index plugin <= 1.2.3 versions. | |||||
| CVE-2023-23815 | 1 Multi-column Tag Map Project | 1 Multi-column Tag Map | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Jackson Multi-column Tag Map plugin <= 17.0.24 versions. | |||||
| CVE-2023-23812 | 1 Enhanced Wp Contact Form Project | 1 Enhanced Wp Contact Form | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions. | |||||