Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-41861: WordPress Restrict plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Restrict plugin <= 2.2.4 versions.

CVE
#xss#vulnerability#web#wordpress#auth
CVE-2023-40667: WordPress Simple URLs plugin <= 117 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <= 117 versions.

CVE-2023-40663: WordPress WP VR plugin <= 8.3.4 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rextheme WP VR plugin <= 8.3.4 versions.

CVE-2023-41242: WordPress Snap Pixel plugin <= 1.5.7 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hassan Ali Snap Pixel plugin <= 1.5.7 versions.

CVE-2023-41904: [Fixed] Generation of AuthToken without 2FA verification in ADManager Plus | CVE

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs.

CVE-2023-40668: WordPress Save as PDF plugin by Pdfcrowd plugin <= 2.16.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin <= 2.16.0 versions.

CVE-2023-40675: WordPress Landing Page Builder plugin <= 1.5.1.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <= 1.5.1.2 versions.

CVE-2023-41235: WordPress Everest News Pro theme <= 1.1.7 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Everest News Pro theme <= 1.1.7 versions.

CVE-2023-41236: WordPress Happy Elementor Addons Pro plugin <= 2.8.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <= 2.8.0 versions.