Skip to main content
CVE-2023-29171 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Magic Post Thumbnail
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28792 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Continuous Image Carosel With Lightbox
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28789 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Contact Forms
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28781 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Contact Forms
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-25713 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quick Paypal Payments
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-25711 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wpglobus Translate Options
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-29236 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Outdoor
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28993 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Albo Pretorio On Line
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-25041 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Monolit
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-25020 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arigato Autoresponder And Newsletter
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-43309 MEDIUM This Month

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure X11Ssl Cf Firmware X11Dac Firmware X11Dai N Firmware X11Ddw L Firmware +142
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-1726 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.04.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Student Affairs Information System
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-23885 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Quick Contact Form
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-25061 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arigato Autoresponder And Newsletter
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23762 MEDIUM This Month

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Enterprise Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-23761 MEDIUM This Month

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Enterprise Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-27810 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27808 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27807 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27806 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27805 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27804 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27803 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27802 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-27801 MEDIUM This Month

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magic R100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-29170 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Product Enquiry For Woocommerce
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-29094 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Product Page Shipping Calculator For Woocommerce
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25712 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google XSS Google Analytics Opt Out
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25705 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Prayer
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25702 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Quick Paypal Payments
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25464 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Twitch Player
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25716 MEDIUM This Month

Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gqevu6bsiz Announce from the Dashboard plugin <= 1.5.1 versions. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Announce From The Dashboard
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25049 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Ecommerce Product Catalog
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25031 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arigato Autoresponder And Newsletter
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23994 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Auto Hide Admin Bar
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25027 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Chained Quiz
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25024 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Icegram Collect
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25023 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Webinarignition
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25022 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Watu Quiz
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25046 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Podlove Podcast Publisher
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24398 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ezp Coming Soon Page
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25059 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Avalex
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24402 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Booking System
NVD
CVSS 3.1
4.8
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy