Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): xss
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-49149 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Currency Converter Calculator allows Stored XSS.This issue affects Currency Converter Calculator: from n/a through 1.3.1. Published: December 14, 2023; 12:15:09 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-48780 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnigmaWeb WP Catalogue allows Stored XSS.This issue affects WP Catalogue: from n/a through 1.7.6. Published: December 14, 2023; 12:15:08 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-48771 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.This issue affects File Gallery: from n/a through 1.8.5.4. Published: December 14, 2023; 12:15:08 PM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-48770 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nima Saberi Aparat allows Stored XSS.This issue affects Aparat: from n/a through 1.7.1. Published: December 14, 2023; 12:15:08 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-48767 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raghu Goriya MyTube PlayList allows Reflected XSS.This issue affects MyTube PlayList: from n/a through 2.0.3. Published: December 14, 2023; 12:15:08 PM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-48756 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elementor: from n/a through 1.3.8. Published: December 14, 2023; 12:15:08 PM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-6367 |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. Published: December 14, 2023; 11:15:53 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-6366 |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. Published: December 14, 2023; 11:15:53 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-6365 |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. Published: December 14, 2023; 11:15:53 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-6364 |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. Published: December 14, 2023; 11:15:52 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-49841 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress allows Stored XSS.This issue affects Optin Forms – Simple List Building Plugin for WordPress: from n/a through 1.3.3. Published: December 14, 2023; 11:15:52 AM -0500 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-49820 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. Published: December 14, 2023; 11:15:52 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-49813 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. Published: December 14, 2023; 11:15:52 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-49771 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. Published: December 14, 2023; 11:15:51 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-49770 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Stored XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. Published: December 14, 2023; 11:15:51 AM -0500 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-49766 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.0. Published: December 14, 2023; 11:15:51 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-49195 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS.This issue affects Nested Pages: from n/a through 3.2.6. Published: December 14, 2023; 11:15:51 AM -0500 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-49173 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10to8 Sign In Scheduling Online Appointment Booking System allows Stored XSS.This issue affects Sign In Scheduling Online Appointment Booking System: from n/a through 1.0.9. Published: December 14, 2023; 11:15:51 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-49172 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BrainCert BrainCert – HTML5 Virtual Classroom allows Reflected XSS.This issue affects BrainCert – HTML5 Virtual Classroom: from n/a through 1.30. Published: December 14, 2023; 11:15:50 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-49171 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs Innovs HR – Complete Human Resource Management System for Your Business allows Reflected XSS.This issue affects Innovs HR – Complete Human Resource Management System for Your Business: from n/a through 1.0.3.4. Published: December 14, 2023; 11:15:50 AM -0500 |
V3.1: 6.1 MEDIUM V2.0:(not available) |