Total
30733 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25052 | 1 Te-st | 1 Yandex.news Feed By Teplitsa | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa Yandex.News Feed by Teplitsa plugin <= 1.12.5 versions. | ||||
| CVE-2023-25018 | 1 Rifartek | 1 Iot Wall | 2024-08-02 | 5.4 Medium |
| RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack. | ||||
| CVE-2023-25040 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2024-08-02 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vova Anokhin WordPress Shortcodes Plugin — Shortcodes Ultimate plugin <= 5.12.6 versions. | ||||
| CVE-2023-25027 | 1 Kibokolabs | 1 Chained Quiz | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions. | ||||
| CVE-2023-25062 | 1 Pinpoint | 1 Pinpoint Booking System | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.2.8 versions. | ||||
| CVE-2023-25021 | 1 Fareharbor | 1 Fareharbor | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FareHarbor FareHarbor for WordPress plugin <= 3.6.6 versions. | ||||
| CVE-2023-24920 | 1 Microsoft | 1 Dynamics 365 | 2024-08-02 | 5.4 Medium |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-24957 | 1 Ibm | 1 Business Automation Workflow | 2024-08-02 | 5.4 Medium |
| IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 246115. | ||||
| CVE-2023-25049 | 1 Implecode | 1 Ecommerce Product Catalog | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions. | ||||
| CVE-2023-25064 | 1 Wp Htpasswd Project | 1 Wp Htpasswd | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matteo Candura WP htpasswd plugin <= 1.7 versions. | ||||
| CVE-2023-25031 | 1 Kibokolabs | 1 Arigato Autoresponder And Newsletter | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions. | ||||
| CVE-2023-25041 | 1 Cththemes | 1 Monolit | 2024-08-02 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions. | ||||
| CVE-2023-25059 | 1 Avalex | 1 Avalex | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in avalex GmbH avalex – Automatically secure legal texts plugin <= 3.0.3 versions. | ||||
| CVE-2023-25022 | 1 Kibokolabs | 1 Watu Quiz | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions. | ||||
| CVE-2023-25077 | 1 Ec-cube | 1 Ec-cube | 2024-08-02 | 5.4 Medium |
| Cross-site scripting vulnerability in Authentication Key Settings of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-25020 | 1 Kibokolabs | 1 Arigato Autoresponder And Newsletter | 2024-08-02 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions. | ||||
| CVE-2023-25023 | 1 Saleswonder | 1 Webinar Ignition | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saleswonder.Biz Webinar ignition plugin <= 2.14.2 versions. | ||||
| CVE-2023-25024 | 1 Icegram | 1 Icegram Collect | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Icegram Icegram Collect plugin <= 1.3.8 versions. | ||||
| CVE-2023-24921 | 1 Microsoft | 1 Dynamics 365 | 2024-08-02 | 5.4 Medium |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-24966 | 1 Ibm | 1 Websphere Application Server | 2024-08-02 | 6.1 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 246904. | ||||