Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-41847 1 Wensolutions 1 Notice Bar 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WEN Solutions Notice Bar plugin <= 3.1.0 versions.
CVE-2023-41815 1 Pandorafms 1 Pandora Fms 2024-11-21 7.5 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Malicious code could be executed in the File Manager section. This issue affects Pandora FMS: from 700 through 774.
CVE-2023-41814 1 Pandorafms 1 Pandora Fms 2024-11-21 3.7 Low
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This issue affects Pandora FMS: from 700 through 774.
CVE-2023-41813 1 Pandorafms 1 Pandora Fms 2024-11-21 3 Low
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Allows you to edit the Web Console user notification options. This issue affects Pandora FMS: from 700 through 774.
CVE-2023-41811 1 Artica 1 Pandora Fms 2024-11-21 5.3 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the news section of the web console. This issue affects Pandora FMS: from 700 through 773.
CVE-2023-41810 1 Artica 1 Pandora Fms 2024-11-21 4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets' text box. This issue affects Pandora FMS: from 700 through 773.
CVE-2023-41800 1 Uniconsent 1 Cmp For Gdpr Cpra Gpp Tcf 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in UniConsent UniConsent CMP for GDPR CPRA GPP TCF plugin <= 1.4.2 versions.
CVE-2023-41797 1 Goldplugins 1 Locations 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gold Plugins Locations plugin <= 4.0 versions.
CVE-2023-41789 1 Artica 1 Pandora Fms 2024-11-21 7.6 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allows an attacker to perform cookie hijacking and log in as that user without the need for credentials. This issue affects Pandora FMS: from 700 through 773.
CVE-2023-41737 1 Wpgens 1 Swifty Bar 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGens Swifty Bar, sticky bar by WPGens plugin <= 1.2.10 versions.
CVE-2023-41736 1 Gopiplus 1 Email Posts To Subscribers 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions.
CVE-2023-41734 1 Nigauri 1 Insert Estimated Reading Time 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nigauri Insert Estimated Reading Time plugin <= 1.2 versions.
CVE-2023-41733 1 Yydevelopment 1 Back To The Top Button 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in YYDevelopment Back To The Top Button plugin <= 2.1.5 versions.
CVE-2023-41731 1 I13websolution 1 Wordpress Publish Post Email Notification 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin <= 1.0.2.2 versions.
CVE-2023-41729 1 Pressified 1 Sendpress 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
CVE-2023-41728 1 Rescuethemes 1 Rescue Shortcodes 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a through 2.5.
CVE-2023-41713 1 Sonicwall 61 Nsa2700, Nsa3700, Nsa4700 and 58 more 2024-11-21 7.5 High
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
CVE-2023-41692 1 Hennessey 1 Attorney 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <= 3 theme.
CVE-2023-41691 1 Pensopay 1 Woocommerce Pensopay 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pensopay WooCommerce PensoPay plugin <= 6.3.1 versions.
CVE-2023-41687 1 Goods Catalog Project 1 Goods Catalog 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods Catalog plugin <= 2.4.1 versions.