U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 21,889 matching records.
Displaying matches 221 through 240.
Vuln ID Summary CVSS Severity
CVE-2023-27419

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Viable Blog theme <= 1.1.4 versions.

Published: May 10, 2023; 5:15:13 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-24406

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb ur Rehman Simple PopUp plugin <= 1.8.6 versions.

Published: May 10, 2023; 5:15:13 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23873

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions.

Published: May 10, 2023; 5:15:13 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-23794

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions.

Published: May 10, 2023; 5:15:12 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-22696

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions.

Published: May 10, 2023; 5:15:12 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-32970

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Themify Themify Portfolio Post plugin <= 1.2.4 versions.

Published: May 10, 2023; 5:15:09 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-28932

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App — Android and iOS Mobile Application plugin <= 11.20 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-24418

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-24392

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-23812

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23789

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23788

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Florin Arjocu Custom More Link Complete plugin <= 1.4.1 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23786

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Christof Servit affiliate-toolkit plugin <= 3.3.3 versions.

Published: May 10, 2023; 4:15:11 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-23701

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions.

Published: May 10, 2023; 4:15:10 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-22711

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <= 2.6.2 versions.

Published: May 10, 2023; 4:15:09 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-30777

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions.

Published: May 10, 2023; 2:15:18 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-2615

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

Published: May 10, 2023; 2:15:16 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-2614

Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.

Published: May 10, 2023; 2:15:15 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-2616

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

Published: May 10, 2023; 1:15:11 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-30057

Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload.

Published: May 09, 2023; 5:15:11 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)