Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

SoftExpert Suite 2.1.3 Local File Inclusion

SoftExpert Suite version 2.1.3 suffers from a local file inclusion vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#web#apple#google#linux#js#git#java#php#auth#chrome#webkit#firefox
PHPJabbers Simple CMS 5.0 Cross Site Scripting

PHPJabbers Simple CMS version 5.0 suffers from a persistent cross site scripting vulnerability.

PHPFusion 9.10.30 Cross Site Scripting

PHPFusion version 9.10.30 suffers from a persistent cross site scripting vulnerability.

CVE-2023-23809: WordPress Stock market charts from finviz plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Moris Dov Stock market charts from finviz plugin <= 1.0.1 versions.

CVE-2023-23785: WordPress Exquisite PayPal Donation plugin <= v2.0.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCult Exquisite PayPal Donation plugin <= v2.0.0 versions.

CVE-2023-23808: WordPress Sponsors Carousel plugin <= 4.02 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sergey Panasenko Sponsors Carousel plugin <= 4.02 versions.

CVE-2023-27378: myF5

Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2023-23874: WordPress Ditty plugin <= 3.0.32 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Metaphor Creations Ditty plugin <= 3.0.32 versions.