Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-47173 1 Advancedformintegration 1 Advanced Form Integration 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nasirahmed Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration plugin <= 1.62.0 versions.
CVE-2023-25992 1 Cminds 1 Cm Answers 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM Answers plugin <= 3.1.9 versions.
CVE-2022-47146 1 Contempothemes 1 Real Estate 7 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contempoinc Real Estate 7 WordPress theme <= 3.3.1 versions.
CVE-2022-45825 1 Liquidweb 1 Wpcomplete 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <= 2.9.2 versions.
CVE-2022-45831 1 Oxilab 1 Image Hover Effects For Elementor With Lightbox And Flipbox 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 2.8 versions.
CVE-2023-3026 1 Diagrams 1 Drawio 2025-01-10 6.1 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
CVE-2022-45938 1 Xfinity 1 Comcast Defined Technologies Microeisbss 2025-01-10 8 High
An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can inject a stored XSS payload in the Device ID field under Inventory Management to achieve Remote Code Execution and privilege escalation..
CVE-2022-46863 1 Fullworksplugins 1 Quick Event Manager 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4 versions.
CVE-2022-47170 1 Unlimited-elements 1 Unlimited Elements For Elementor 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.48 versions.
CVE-2023-25704 1 Wpmart 1 Interactive Svg Image Map Builder 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin <= 1.0 versions.
CVE-2022-47433 1 Multi Rating Project 1 Multi Rating 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin <= 5.0.5 versions.
CVE-2022-47438 1 Wpdevart 1 Booking Calendar 2025-01-10 5.9 Medium
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions.
CVE-2022-47444 1 Properfraction 1 Profilepress 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin <= 4.5.3 versions.
CVE-2022-47610 1 Mrdigital 1 Simple Image Popup 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mr Digital Simple Image Popup plugin <= 1.3.6 versions.
CVE-2022-47607 1 Usersnap 1 Usersnap 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Usersnap plugin <= 4.16 versions.
CVE-2022-47603 1 Wpdevart 1 Image And Video Gallery With Thumbnails 2025-01-10 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.1 versions.
CVE-2022-47602 1 Joomunited 1 Wp Table Manager 2025-01-10 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in JoomUnited WP Table Manager plugin <= 3.5.2 versions.
CVE-2023-23681 1 Webdevocean 1 Image Hover Effects For Wpbakery Page Builder 2025-01-10 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Labib Ahmed Image Hover Effects For WPBakery Page Builder plugin <= 4.0 versions.
CVE-2023-24399 1 Oceanwp 1 Ocean Extra 2025-01-10 5.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in OceanWP Ocean Extra plugin <= 2.1.2 versions.
CVE-2023-26529 1 Dupeoff Project 1 Dupeoff 2025-01-10 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DupeOff.Com DupeOff plugin <= 1.6 versions.