Security
Headlines
HeadlinesLatestCVEs

Source

CVE

CVE-2023-47658: WordPress Extra Product Options for WooCommerce plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in actpro Extra Product Options for WooCommerce plugin <= 3.0.3 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-47653: WordPress TWB Woocommerce Reviews plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abu Bakar TWB Woocommerce Reviews plugin <= 1.7.5 versions.

CVE-2023-47654: WordPress BZScore – Live Score plugin <= 1.03 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in livescore.Bz BZScore – Live Score plugin <= 1.03 versions.

CVE-2023-47656: WordPress ANAC XML Bandi di Gara plugin <= 7.5 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Bandi di Gara plugin <= 7.5 versions.

CVE-2023-22329

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access.

CVE-2023-24587

Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable denial of service via local access.

CVE-2023-24592

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-28378

Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

CVE-2023-36396

Windows Compressed Folder Remote Code Execution Vulnerability