U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 21,901 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2023-31802

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skype and linedin_url parameters.

Published: May 09, 2023; 12:15:14 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-31801

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter.

Published: May 09, 2023; 12:15:14 PM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter.

Published: May 09, 2023; 12:15:14 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-31799

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter.

Published: May 09, 2023; 12:15:14 PM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23647

Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Team Member – Team with Slider plugin <= 4.4 versions.

Published: May 09, 2023; 9:15:16 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-46864

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin <= 0.1 versions.

Published: May 09, 2023; 9:15:16 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-46858

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin <= 0.6.0 versions.

Published: May 09, 2023; 9:15:16 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-46844

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PixelGrade PixFields plugin <= 0.7.0 versions.

Published: May 09, 2023; 9:15:16 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-46822

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin <= 2.0 versions.

Published: May 09, 2023; 9:15:16 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-24372

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in USB Memory Direct Simple Custom Author Profiles plugin <= 1.0.0 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23884

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23883

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Gwyer WP Content Filter plugin <= 3.0.1 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23862

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical scroll recent post plugin <= 14.0 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-23734

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23733

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23732

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions.

Published: May 09, 2023; 7:15:09 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23793

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eightweb Interactive Read More Without Refresh plugin <= 3.1 versions.

Published: May 09, 2023; 6:15:10 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-23664

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions.

Published: May 09, 2023; 6:15:10 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-41640

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions.

Published: May 09, 2023; 6:15:10 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-23863

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions.

Published: May 09, 2023; 4:15:08 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)