Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-47223: WordPress Basic Interactive World Map plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Map Plugins Basic Interactive World Map plugin <= 2.0 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-47190: WordPress Apollo13 Framework Extensions plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions.

CVE-2023-47226: WordPress Post Sliders & Post Grids plugin <= 1.0.20 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Post Sliders & Post Grids plugin <= 1.0.20 versions.

CVE-2023-47181: WordPress IdeaPush plugin <= 8.52 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <= 8.52 versions.

GHSA-jmwm-w2rm-prv9: Microweber Cross-site Scripting vulnerability

Microweber CMS prior to version 2.0.3 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.

CVE-2023-46642: WordPress SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions.

CVE-2023-46643: WordPress CloudNet360 plugin <= 3.2.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions.

CVE-2023-47379: Stored XSS Vulnerability in Microweber Version 2.0.1 - Astra

Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.

CVE-2023-46613: WordPress Add to Calendar Button plugin < 1.5.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions.

CVE-2023-46627: WordPress WordPress Simple HTML Sitemap plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions.