CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359890 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-23758	1 Creative-solutions	1 Creative Gallery	2024-11-21	9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection.
CVE-2023-23757	1 Bestaddon	1 Bestaddon Gallery	2024-11-21	9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection.
CVE-2023-23737	1 Managewp	1 Broken Link Checker	2024-11-21	9.3 Critical
Unauth. SQL Injection (SQLi) vulnerability in MainWP MainWP Broken Links Checker Extension plugin <= 4.0 versions.
CVE-2023-23734	1 Userlike	1 Userlike	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions.
CVE-2023-23732	1 Disqus Conditional Load Project	1 Disqus Conditional Load	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions.
CVE-2023-23731	1 Hasthemes	1 Wishsuite	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.
CVE-2023-23719	1 Premmerce	1 Premmerce	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <= 1.3.17 versions.
CVE-2023-23707	1 Awsm	1 Embed Any Document	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions.
CVE-2023-23704	1 Pixelgrade	1 Comments Rating	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions.
CVE-2023-23699	1 Progress Bar Project	1 Progress Bar	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Reynolds Progress Bar plugin <= 2.2.1 versions.
CVE-2023-23683	1 White Label Branding For Elementor Page Builder Project	1 White Label Branding For Elementor Page Builder	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin <= 1.0.2 versions.
CVE-2023-23671	1 Web-settler	1 Layer Slider	2024-11-21	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.
CVE-2023-23667	1 Berocket	1 Brands For Woocommerce	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in BeRocket Brands for WooCommerce plugin <= 3.7.0.6 versions.
CVE-2023-23664	1 Convertbox	1 Convertbox Auto Embed	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions.
CVE-2023-23660	1 Mainwp	1 Mainwp Maintenance Extension	2024-11-21	8.5 High
Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP MainWP Maintenance Extension plugin <= 4.1.1 versions.
CVE-2023-23657	1 Webfwd	1 Mail Subscribe List	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Richard Leishman t/a Webforward Mail Subscribe List plugin <= 2.1.9 versions.
CVE-2023-23654	1 Messagebird	1 Sparkpost	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SparkPost plugin <= 3.2.5 versions.
CVE-2023-23651	1 Mainwp	1 Mainwp Google Analytics Extension	2024-11-21	8.5 High
Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP Google Analytics Extension plugin <= 4.0.4 versions.
CVE-2023-23646	1 Awplife	1 Album Gallery	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions.
CVE-2023-23641	1 Wpmanage	1 Uji Popup	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin <= 1.4.3 versions.

« first previous Page 12845 of 17995. next last »