Search Results (362966 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-47792 1 Infiniteuploads 1 Big File Uploads 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions.
CVE-2023-47791 1 Leadster 1 Leadster 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Leadster plugin <= 1.1.2 versions.
CVE-2023-47790 1 Popozure 1 Pz-linkcard 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin <= 2.4.8 versions.
CVE-2023-47786 1 Layerslider 1 Layerslider 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.
CVE-2023-47781 1 Thrivethemes 1 Thrive Themes Builder 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Theme Builder < 3.24.2 versions.
CVE-2023-47775 1 Gvectors 1 Wpdiscuz 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
CVE-2023-47773 1 Yasglobal 1 Permalinks Customizer 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.
CVE-2023-47772 1 Themepunch 1 Slider Revolution 2024-11-21 6.5 Medium
Contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <= 6.6.14.
CVE-2023-47768 1 Diywebmastery 1 Footer Putter 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Footer Putter plugin <= 1.17 versions.
CVE-2023-47767 1 Fla-shop 1 Interactive World Map 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions.
CVE-2023-47766 1 Ifeelweb 1 Post Status Notifier Lite 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timo Reith Post Status Notifier Lite plugin <= 1.11.0 versions.
CVE-2023-47765 1 Codebard 1 Codebard\'s Patron Button And Widgets For Patreon 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.
CVE-2023-47758 1 Mondula 1 Multi Step Form 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form plugin <= 1.7.11 versions.
CVE-2023-47755 1 Aazztech 1 Woocommerce Product Carousel Slider 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AazzTech WooCommerce Product Carousel Slider plugin <= 3.3.5 versions.
CVE-2023-47741 1 Ibm 2 Db2 Mirror For I, I 2024-11-21 5.3 Medium
IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. A malicious actor with access to the victim's PC could exploit this vulnerability to gain access to the IBM i operating system. IBM X-Force ID: 272532.
CVE-2023-47722 1 Ibm 1 Api Connect 2024-11-21 6.2 Medium
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912.
CVE-2023-47715 1 Ibm 1 Storage Protect Plus 2024-11-21 4.3 Medium
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538.
CVE-2023-47707 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522.
CVE-2023-47706 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 6.6 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.
CVE-2023-47705 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 4.3 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation. IBM X-Force ID: 271228.