Export limit exceeded: 363984 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363984 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 47186 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47186 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32122 1 Spiffyplugins 1 Spiffy Calendar 2024-11-21 5.8 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions.
CVE-2023-32119 1 Wpo365 1 Mail Integration For Office 365 \/ Outlook 2024-11-21 5.8 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin <= 1.9.0 versions.
CVE-2023-32118 1 Wpoperation 1 Salert - Fake Sales Notification Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPoperation SALERT – Fake Sales Notification WooCommerce plugin <= 1.2.1 versions.
CVE-2023-32116 1 Totalpress 1 Custom Post Types 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in TotalPress.Org Custom post types, Custom Fields & more plugin <= 4.0.12 versions.
CVE-2023-32109 1 Eduva 1 Albo Pretorio Online 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6.3 versions.
CVE-2023-32108 1 Eduva 1 Albo Pretorio Online 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6.3 versions.
CVE-2023-32107 1 Ays-pro 1 Photo Gallery 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.
CVE-2023-32105 1 Wp-pizza 1 Wppizza 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions.
CVE-2023-32103 1 Themepalace 1 Tp Education 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <= 4.4 versions.
CVE-2023-32102 1 Pexlechris 1 Library Viewer 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Pexle Chris Library Viewer plugin <= 2.0.6 versions.
CVE-2023-32089 1 Pega 1 Platform 2024-11-21 4.6 Medium
Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description
CVE-2023-32088 1 Pega 1 Platform 2024-11-21 4.6 Medium
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation
CVE-2023-32087 1 Pega 1 Platform 2024-11-21 4.6 Medium
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation
CVE-2023-32000 1 Ui 1 Unifi Network Application 2024-11-21 4.8 Medium
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
CVE-2023-31942 1 Online Travel Agency System Project 1 Online Travel Agency System 2024-11-21 4.8 Medium
Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php.
CVE-2023-31935 1 Phpgurukul 1 Rail Pass Management System 2024-11-21 4.8 Medium
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.
CVE-2023-31934 1 Phpgurukul 1 Rail Pass Management System 2024-11-21 4.8 Medium
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.
CVE-2023-31853 1 Cudy 2 Lt400, Lt400 Firmware 2024-11-21 6.1 Medium
Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter.
CVE-2023-31851 1 Cudy 2 Lt400, Lt400 Firmware 2024-11-21 6.1 Medium
Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter.
CVE-2023-31808 1 Technicolor 2 Tg670, Tg670 Firmware 2024-11-21 7.2 High
Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled.