Search Results (365153 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-44246 1 Matiass 1 Shockingly Simple Favicon 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Matias s Shockingly Simple Favicon plugin <= 1.8.2 versions.
CVE-2023-44245 1 Leaptodigital 1 Contact Form Website To Workflow Tool 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions.
CVE-2023-44244 1 Fooplugins 1 Foogallery 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions.
CVE-2023-44243 1 Dylanblokhuis 1 Instant Css 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions.
CVE-2023-44242 1 2joomla 1 2j Slideshow 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions.
CVE-2023-44241 1 Keap 1 Keap Landing Pages 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Keap Keap Landing Pages plugin <= 1.4.2 versions.
CVE-2023-44240 1 Peterbutler 1 Timthumb Vulnerability Scanner 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <= 1.54 versions.
CVE-2023-44239 1 Walkswithme 1 Social Share On Image Hover 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions.
CVE-2023-44238 1 Joakimling 1 Remove Slug From Custom Post Type 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling Remove slug from custom post type plugin <= 1.0.3 versions.
CVE-2023-44237 1 Moriyan Jay 1 Wp Site Protector 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay WP Site Protector plugin <= 2.0 versions.
CVE-2023-44236 1 Devnath Verma 1 Wp Captcha 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Devnath verma WP Captcha plugin <= 2.0.0 versions.
CVE-2023-44234 1 Devfarm 1 Wp Gpx Maps 2024-11-21 4.3 Medium
Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08.
CVE-2023-44232 1 Nxsn 1 Wp Hide Pages 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu WP Hide Pages plugin <= 1.0 versions.
CVE-2023-44231 1 Nickduncan 1 Contact Form 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in NickDuncan Contact Form plugin <= 2.0.10 versions.
CVE-2023-44230 1 Gopiplus 1 Popup Contact Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.
CVE-2023-44229 1 Gopiplus 1 Tiny Carosel Horizontal Slider 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny Carousel Horizontal Slider plugin <= 8.1 versions.
CVE-2023-44228 1 Gopiplus 1 Onclick Show Popup 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions.
CVE-2023-44220 1 Sonicwall 1 Netextender 2024-11-21 7.3 High
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.
CVE-2023-44219 2 Microsoft, Sonicwall 2 Windows, Directory Services Connector 2024-11-21 7.8 High
A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.
CVE-2023-44218 1 Sonicwall 1 Netextender 2024-11-21 8.8 High
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.