Skip to main content
CVE-2023-2949 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
6.1
EPSS
1.5%
CVE-2023-2948 MEDIUM POC PATCH THREAT This Month

Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
6.1
EPSS
96.7%
CVE-2023-33314 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR plugin <= 1.1.3.1 versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Bear Woocommerce Bulk Editor And Products Manager Professional
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-33332 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Woocommerce Product Vendors
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-33319 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Automatewoo
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-32800 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Seo Pro
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-33326 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Eventprime
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-33309 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Duplicator
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-33216 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Woodiscuz Woocommerce Comments
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2023-33311 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Contact Form Entries Contact Form 7 Wpforms And More
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-28785 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Yoast Seo
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-32762 MEDIUM PATCH This Month

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Debian Linux Qt
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2023-33211 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Matomo Integration
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-33328 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mailchimp Subscribe Form
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-32958 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Novelist
NVD
CVSS 3.1
4.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy