Skip to main content
CVE-2023-48736 MEDIUM POC This Month

In International Color Consortium DemoIccMAX 3e7948b, CIccCLUT::Interp2d in IccTagLut.cpp in libSampleICC.a has an out-of-bounds read. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Demoiccmax
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-40817 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40816 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40815 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40814 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40813 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Saved Search Creation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40812 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40810 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-40809 MEDIUM POC This Month

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencrx
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-44796 MEDIUM POC PATCH This Month

Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Limesurvey
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-47664 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview Plainview Protect Passwords.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Plainview Protect Passwords
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-28780 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local Premium.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Yoast Local Seo
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-47650 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Peter Sterling Add Local Avatar.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM CSRF Add Local Avatar
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-40363 MEDIUM This Month

IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation IBM Infosphere Information Server
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-32245 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.4.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Essential Addons For Elementor Elementor
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-32504 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Kainex Wise Chat.1.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wise Chat
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-31075 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Login.0.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Easy Hide Login
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47649 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PriceListo Best Restaurant Menu by PriceListo.3.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Best Restaurant Menu
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47644 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in profilegrid ProfileGrid - User Profiles, Memberships, Groups and Communities.6.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Profilegrid
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47553 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in User Local Inc UserHeat Plugin.1.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Userheat Plugin
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47552 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Image Hover Effects - WordPress Plugin.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Image Hover Effects
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47551 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy - Smart Donations.0.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Donations Made Easy Smart Donations
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47243 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 - MSHOP MY SITE.1.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mshop My Site
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47685 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Lukman Nakib Preloader Matrix.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Preloader Matrix
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47671 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Vertical Scroll Recent Registered User
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-32514 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Himanshu Parashar Google Site Verification plugin using Meta Tag.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google CSRF Google Site Verification Plugin Using Meta Tag
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47655 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi ANAC XML Bandi di Gara.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Anac Xml Bandi Di Gara
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-47666 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.5.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Code Snippets
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-47556 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in James Mehorter Device Theme Switcher.0.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Device Theme Switcher
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-47531 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Dark Mode.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Droit Dark Mode
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-47519 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.6.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Woocommerce Product Table Lite
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-47672 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Category Post List Widget.0.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wp Category Post List Widget
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-47670 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Jongmyoung Kim Korea SNS.6.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Korea Sns
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-41129 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.8.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Patreon Wordpress
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-31089 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video XML Sitemap Generator.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Video Xml Sitemap Generator
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-25985 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.2.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Wordpress Tooltips
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-47651 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Robert Macchi WP Links Page.9.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wp Links Page
NVD
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy