Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-23884 1 Kanbanwp 1 Kanban Boards For Wordpress 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.
CVE-2023-23881 1 Greentreelabs 1 Circles Gallery 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GreenTreeLabs Circles Gallery plugin <= 1.0.10 versions.
CVE-2023-23880 1 Monsterinsights 1 Exactmetrics 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExactMetrics plugin <= 7.14.1 versions.
CVE-2023-23877 1 Bkmacdaddy 1 Pinterest Rss Widget 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in bkmacdaddy designs Pinterest RSS Widget plugin <= 2.3.1 versions.
CVE-2023-23873 1 Bbspoiler Project 1 Bbspoiler 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions.
CVE-2023-23871 1 Webdzier 1 Button 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Webdzier Button plugin <= 1.1.23 versions.
CVE-2023-23863 1 Blackandwhitedigital 1 Treepress 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions.
CVE-2023-23833 1 Drop Shadow Boxes Project 1 Drop Shadow Boxes 2024-11-21 6.5 Medium
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions.
CVE-2023-23831 1 Rating-widget 1 Ratingwidget 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <= 3.1.9 versions.
CVE-2023-23829 1 Pierre-jehan 1 Owl Carousel 2024-11-21 6.5 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pierre JEHAN Owl Carousel plugin <= 0.5.3 versions.
CVE-2023-23826 1 Webmechanix 1 Add Posts To Pages 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions.
CVE-2023-23822 1 Utm Tracker Project 1 Utm Tracker 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludwig Media UTM Tracker plugin <= 1.3.1 versions.
CVE-2023-23821 1 Interactive Polish Map Project 1 Interactive Polish Map 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcin Pietrzak Interactive Polish Map plugin <= 1.2 versions.
CVE-2023-23811 1 Smoothscroller Project 1 Smoothscroller 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Neil Gee Smoothscroller plugin <= 1.0.0 versions.
CVE-2023-23810 1 Snaborbital 1 Panorama 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin <= 1.5 versions.
CVE-2023-23807 1 Qumos 1 Mojoplug Slide Panel 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Qumos MojoPlug Slide Panel plugin <= 1.1.2 versions.
CVE-2023-23798 1 Web-settler 1 Layer Slider 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.
CVE-2023-23794 1 Semalt Blocker Project 1 Semalt Blocker 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions.
CVE-2023-23771 1 Motorola 2 Mbts Base Radio, Mbts Base Radio Firmware 2024-11-21 8.4 High
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
CVE-2023-23770 1 Motorola 2 Mbts Site Controller, Mbts Site Controller Firmware 2024-11-21 9.4 Critical
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.