Skip to main content
CVE-2023-22985 MEDIUM This Month

Sourcecodester Simple Guestbook Management System version 1 is vulnerable to Cross Site Scripting (XSS) via Name, Referrer, Location, and Comments. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Simple Guestbook Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-29016 MEDIUM PATCH This Month

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Goobi Viewer Core
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-29015 MEDIUM PATCH This Month

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Goobi Viewer Core
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-29014 MEDIUM PATCH This Month

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Goobi Viewer Core
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-23979 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quick Event Manager
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-23987 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows DOM-Based XSS.3.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2023-24378 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Glossary
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-24374 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Material Design Icons For Page Builders
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23891 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ocean Extra
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-24411 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bne Testimonials
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23898 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Blocksy Companion
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-24003 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wp Popups
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23815 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Multi Column Tag Map
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-25062 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pinpoint Booking System
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24396 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vikbooking Hotel Booking Engine Pms
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24387 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Organization Chart
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24383 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Namaste Lms
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24004 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Download Image And Video Lightbox Image Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24002 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtube Embed Playlist And Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24006 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Terms Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24001 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Modal Dialog
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23998 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vikrentcar
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23996 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Profilepress
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23980 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mailoptin
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23972 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Social Like Box And Page
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23971 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Time Slots Booking Form
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23982 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wpfrom Email
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23981 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Conversational Forms For Chatbot
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24403 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bbpress Voting
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2023-1913 MEDIUM This Month

The Maps Widget for Google Maps for WordPress is vulnerable to Stored Cross-Site Scripting via widget settings in versions up to, and including, 4.24 due to insufficient input sanitization and output. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Google XSS WordPress Maps Widget For Google Maps
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-20688 MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20679 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Android Yocto +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20677 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20676 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20675 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20674 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20665 MEDIUM This Month

In ril, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20660 MEDIUM This Month

In wlan, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Information Disclosure Android Yocto +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-1929 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_purgecache_varnish_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-1931 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1930 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the wpfc_clear_cache_of_allsites_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1928 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_preload_single_callback function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-1927 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1926 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1925 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1924 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1923 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1922 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1921 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-1920 MEDIUM PATCH This Month

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Wp Fastest Cache
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy