Skip to main content
CVE-2023-23753 CRITICAL POC Act Now

The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Visforms
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-2246 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Online Pizza Ordering System
NVD VulDB Exploit-DB
CVSS 3.1
9.8
EPSS
3.6%
CVE-2023-23879 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh PHP Execution plugin <= 1.0.0 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP CSRF Php Execution
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-22686 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice PayPal Button Lite plugin <= 1.3.5 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Nice Paypal Button Lite
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-31043 HIGH This Week

EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Postgres Advanced Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-24404 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage Marketing Performance plugin <= 2.0.0 versions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vryasage Marketing Performance
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-22718 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Jason Lau User Meta Manager plugin <= 3.4.9 versions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS User Meta Manager
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-23832 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ultimate Wp Query Search Filter
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23827 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google XSS Google Maps V3 Shortcode
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23817 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Simple Pdf Viewer
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23717 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Portfolio Slideshow
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-22698 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google XSS Theme Blvd Responsive Google Maps
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-27614 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Motor Racing League
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-27425 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Electric Studio Client Login
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25451 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cpo Content Types
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23816 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sitemap Index
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23806 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wordpress Custom Settings
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24386 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ai Contact Us Form
NVD
CVSS 3.1
4.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy