Total
38490 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22712 | 1 Templatesnext | 1 Templatesnext Toolkit | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TemplatesNext TemplatesNext ToolKit plugin <= 3.2.7 versions. | |||||
| CVE-2023-22711 | 1 Agentevolution | 1 Impress Listings | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <= 2.6.2 versions. | |||||
| CVE-2023-22710 | 1 Return And Warranty Management System For Woocommerce Project | 1 Return And Warranty Management System For Woocommerce | 2024-11-21 | N/A | 7.1 HIGH |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in chilidevs Return and Warranty Management System for WooCommerce plugin <= 1.2.3 versions. | |||||
| CVE-2023-22706 | 1 Wp-property-hive | 1 Propertyhive | 2024-11-21 | N/A | 7.1 HIGH |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions. | |||||
| CVE-2023-22704 | 1 Mtrv | 1 Teachpress | 2024-11-21 | N/A | 7.1 HIGH |
| Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 8.1.8 versions. | |||||
| CVE-2023-22703 | 1 Webcodin | 1 Wcp Contact Form | 2024-11-21 | N/A | 7.1 HIGH |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions. | |||||
| CVE-2023-22698 | 1 Theme Blvd Responsive Google Maps Project | 1 Theme Blvd Responsive Google Maps | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Jason Bobich Theme Blvd Responsive Google Maps plugin <= 1.0.2 versions. | |||||
| CVE-2023-22696 | 1 Custom4web | 1 Affiliate Links Lite | 2024-11-21 | N/A | 6.5 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions. | |||||
| CVE-2023-22690 | 1 Shopfiles | 1 Ebook Store | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions. | |||||
| CVE-2023-22685 | 1 Tipsandtricks-hq | 1 Category Specific Rss Feed Subscription | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.2 versions. | |||||
| CVE-2023-22684 | 1 Hellobar | 1 Subscribers | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin <= 1.5.3 versions. | |||||
| CVE-2023-22683 | 1 Clio | 1 Clio Grow | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themis Solutions, Inc. Clio Grow plugin <= 1.0.0 versions. | |||||
| CVE-2023-22682 | 1 Pixedelic | 1 Camera Slideshow | 2024-11-21 | N/A | 7.1 HIGH |
| Reflected Cross-Site Scripting (XSS) vulnerability in Manuel Masia | Pixedelic.Com Camera slideshow plugin <= 1.4.0.1 versions. | |||||
| CVE-2023-22680 | 1 Altanic | 1 No Api Amazon Affiliate | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Altanic No API Amazon Affiliate plugin <= 4.2.2 versions. | |||||
| CVE-2023-22679 | 1 Wp Better Emails Project | 1 Wp Better Emails | 2024-11-21 | N/A | 5.9 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nicolas Lemoine WP Better Emails plugin <= 0.4 versions. | |||||
| CVE-2023-22654 | 2 Especmic, Tandd | 20 Rs-12n, Rs-12n Firmware, Rt-12n and 17 more | 2024-11-21 | N/A | 5.4 MEDIUM |
| Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions). | |||||
| CVE-2023-22638 | 1 Fortinet | 1 Fortinac | 2024-11-21 | N/A | 7.1 HIGH |
| Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests. | |||||
| CVE-2023-22637 | 1 Fortinet | 2 Fortinac, Fortinac-f | 2024-11-21 | N/A | 6.5 MEDIUM |
| An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management would permit an authenticated attacker to trigger remote code execution via crafted licenses. | |||||
| CVE-2023-22595 | 1 Ibm | 2 B2b Advanced Communications, Multi-enterprise Integration Gateway | 2024-11-21 | N/A | 5.4 MEDIUM |
| IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244076. | |||||
| CVE-2023-22594 | 3 Ibm, Microsoft, Redhat | 5 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 2 more | 2024-11-21 | N/A | 4.6 MEDIUM |
| IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075. | |||||