Skip to main content
CVE-2023-0038 HIGH POC This Week

The "Survey Maker - Best WordPress Survey Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via survey answers in versions up to, and including, 3.1.3 due to insufficient. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Survey Maker
NVD VulDB
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-4663 MEDIUM POC This Month

The Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Members Import
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22456 MEDIUM PATCH This Month

ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Viewvc
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy