Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-23785: WordPress Exquisite PayPal Donation plugin <= v2.0.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCult Exquisite PayPal Donation plugin <= v2.0.0 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-23808: WordPress Sponsors Carousel plugin <= 4.02 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sergey Panasenko Sponsors Carousel plugin <= 4.02 versions.

CVE-2023-23809: WordPress Stock market charts from finviz plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Moris Dov Stock market charts from finviz plugin <= 1.0.1 versions.

CVE-2023-27378: myF5

Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2023-23874: WordPress Ditty plugin <= 3.0.32 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Metaphor Creations Ditty plugin <= 3.0.32 versions.

CVE-2023-22683: WordPress Clio Grow plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themis Solutions, Inc. Clio Grow plugin <= 1.0.0 versions.

CVE-2023-25979: WordPress Video Gallery – YouTube Gallery plugin <= 1.7.6 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Video Gallery by Total-Soft Video Gallery plugin <= 1.7.6 versions.

RHSA-2023:2100: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37533: A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about service...

CVE-2023-23820: WordPress ProfilePress plugin <= 4.5.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.