Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-41597: EyouCms v1.6.2 存在反射型XSS漏洞 · Issue #238 · emlog/emlog

EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /admin/twitter.php?active_t.

CVE
Open in Source
#xss#vulnerability#git#php
CVE-2023-47309: [CVE-2023-47309] Improper Neutralization of Input During Web Page Generation in Nukium - NKM GLS module for PrestaShop

Nukium nkmgls before version 3.0.2 is vulnerable to Cross Site Scripting (XSS) via NkmGlsCheckoutModuleFrontController::displayAjaxSavePhoneMobile.

CVE-2023-47518: WordPress Restrict Categories plugin <= 2.6.4 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew Muro Restrict Categories plugin <= 2.6.4 versions.

CVE-2023-47517: WordPress SendPress Newsletters plugin <= 1.23.11.6 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.

CVE-2023-47532: WordPress WP Crowdfunding plugin <= 2.1.6 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.

CVE-2023-47528: WordPress WP Edit Username plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajjad Hossain Sagor WP Edit Username plugin <= 1.0.5 versions.

CVE-2023-47524: WordPress CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability (requires PHP 8.x) in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.

CVE-2023-47520: WordPress Responsive Column Widgets plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions.

CVE-2023-46580: Code-Projects-Inventory-Management-1.0/CVE-2023-46580-Code-Projects-Inventory-Management-1.0-Stored-Cross-Site-Scripting-Vulnerability.md at main · ersinerenler/Code-Projects-Inventory-Management-1.0

Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.