Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (357834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-41874 1 Tychesoftwares 1 Order Delivery Date For Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce plugin <= 3.20.0 versions.
CVE-2023-41872 1 Xtemos 1 Woodmart 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xtemos WoodMart plugin <= 7.2.4 versions.
CVE-2023-41871 1 Ays-pro 1 Poll Maker 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Poll Maker Team Poll Maker plugin <= 4.7.0 versions.
CVE-2023-41868 1 Codestag 1 Stagtools 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ram Ratan Maurya, Codestag StagTools plugin <= 2.3.7 versions.
CVE-2023-41867 1 Acymailing 1 Acymailing 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin <= 8.6.2 versions.
CVE-2023-41863 1 Peprodev 1 Peprodev Cf7 Database 2024-11-21 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin <= 1.7.0 versions.
CVE-2023-41861 1 Tickera 1 Restrict 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Restrict plugin <= 2.2.4 versions.
CVE-2023-41860 1 Travelmap 1 Travelmap 2024-11-21 5.8 Medium
Unauth. Cross-Site Scripting (XSS) vulnerability in TravelMap plugin <= 1.0.1 versions.
CVE-2023-41858 1 Tychesoftwares 1 Order Delivery Date For Woocommerce 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions.
CVE-2023-41856 1 Clicktotweet 1 Click To Tweet 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickToTweet.Com Click To Tweet plugin <= 2.0.14 versions.
CVE-2023-41855 1 Regpacks 1 Regpack 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Regpacks Regpack plugin <= 0.1 versions.
CVE-2023-41854 1 Wpcentral 1 Wpcentral 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <= 1.5.7 versions.
CVE-2023-41853 1 Wpicalavailability 1 Wp Ical Availability 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.
CVE-2023-41852 1 Mailmunch 1 Mailmunch 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailMunch – Grow your Email List plugin <= 3.1.2 versions.
CVE-2023-41851 1 Dotsquares 1 Wp Custom Post Template 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dotsquares WP Custom Post Template <= 1.0 versions.
CVE-2023-41850 1 Sparro 1 Outbound Link Manager 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Morris Bryant, Ruben Sargsyan Outbound Link Manager plugin <= 1.2 versions.
CVE-2023-41847 1 Wensolutions 1 Notice Bar 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WEN Solutions Notice Bar plugin <= 3.1.0 versions.
CVE-2023-41846 1 Siemens 1 Tecnomatix 2024-11-21 7.8 High
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to memory corruption while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
CVE-2023-41838 1 Fortinet 2 Fortianalyzer, Fortimanager 2024-11-21 6.9 Medium
An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow attacker to execute unauthorized code or commands via FortiManager cli.
CVE-2023-41815 1 Pandorafms 1 Pandora Fms 2024-11-21 7.5 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Malicious code could be executed in the File Manager section. This issue affects Pandora FMS: from 700 through 774.