Lista CVE - 2023 / Dicembre
Visualizzazione 1901 - 2000 di 2674 CVE per Dicembre 2023 (Pagina 20 di 27)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-46311 | 2023-12-20 | WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-46147 | 2023-12-20 | WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection |
| CVE-2023-41796 | 2023-12-20 | WordPress Sunshine Photo Cart Plugin < 3.0.0 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-40555 | 2023-12-20 | WordPress Flatsome Theme <= 3.17.5 is vulnerable to PHP Object Injection |
| CVE-2023-38519 | 2023-12-20 | WordPress MainWP Plugin <= 4.4.3.3 is vulnerable to SQL Injection |
| CVE-2023-38513 | 2023-12-20 | WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-50249 | 2023-12-20 | Sentry's Astro SDK vulnerable to ReDoS |
| CVE-2023-37871 | 2023-12-20 | WordPress WooCommerce GoCardless Gateway Plugin <= 2.5.6 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-6784 | 2023-12-20 | Potential Use of the Sitefinity System for Distribution of Phishing Emails |
| CVE-2023-51459 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2023-51457 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-51461 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-51460 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-51462 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2023-51458 | 2023-12-20 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-36520 | 2023-12-20 | WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-35895 | 2023-12-20 | IBM Informix JDBC code execution |
| CVE-2023-35876 | 2023-12-20 | WordPress WooCommerce Square Plugin <= 3.8.1 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-28782 | 2023-12-20 | WordPress Gravity Forms Plugin <= 2.7.3 is vulnerable to PHP Object Injection |
| CVE-2023-47852 | 2023-12-20 | WordPress Link Whisper Free Plugin <= 0.6.5 is vulnerable to SQL Injection |
| CVE-2023-32590 | 2023-12-20 | WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection |
| CVE-2023-40010 | 2023-12-20 | WordPress HUSKY – Products Filter for WooCommerce (formerly WOOF) Plugin <= 1.3.4.2 is vulnerable to SQL Injection |
| CVE-2023-35916 | 2023-12-20 | WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-35915 | 2023-12-20 | WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to SQL Injection |
| CVE-2023-35914 | 2023-12-20 | WordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2023-49772 | 2023-12-20 | WordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object Injection |
| CVE-2023-3742 | 2023-12-20 | Insufficient policy enforcement in ADB in Google Chrome on ChromeOS... |
| CVE-2023-49773 | 2023-12-20 | WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection |
| CVE-2023-49776 | 2023-12-20 | WordPress Sayfa Sayaç Plugin <= 2.6 is vulnerable to SQL Injection |
| CVE-2023-49825 | 2023-12-20 | WordPress Soledad Theme <= 8.4.1 is vulnerable to SQL Injection |
| CVE-2023-33330 | 2023-12-20 | WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL Injection |
| CVE-2023-33209 | 2023-12-20 | WordPress SEO Change Monitor Plugin <= 1.2 is vulnerable to SQL Injection |
| CVE-2023-5010 | 2023-12-20 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) |
| CVE-2023-32743 | 2023-12-20 | WordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to SQL Injection |
| CVE-2023-5011 | 2023-12-20 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) |
| CVE-2023-5007 | 2023-12-20 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) |
| CVE-2023-32128 | 2023-12-20 | WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations Plugin <= 2.2.7 is vulnerable to SQL Injection |
| CVE-2023-31092 | 2023-12-20 | WordPress Easy Bet Plugin <= 1.0.2 is vulnerable to SQL Injection |
| CVE-2023-7018 | 2023-12-20 | Deserialization of Untrusted Data in huggingface/transformers |
| CVE-2023-47118 | 2023-12-20 | Heap buffer overflow in T64 codec decompression |
| CVE-2023-30872 | 2023-12-20 | WordPress BSK Forms Blacklist Plugin <= 3.6.2 is vulnerable to SQL Injection |
| CVE-2023-30750 | 2023-12-20 | WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection |
| CVE-2023-30495 | 2023-12-20 | WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection |
| CVE-2023-29432 | 2023-12-20 | WordPress Houzez Theme < 2.8.3 is vulnerable to SQL Injection |
| CVE-2023-29096 | 2023-12-20 | WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection |
| CVE-2023-28788 | 2023-12-20 | WordPress Advanced Page Visit Counter Plugin <= 6.4.2 is vulnerable to SQL Injection |
| CVE-2023-28491 | 2023-12-20 | WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to SQL Injection |
| CVE-2023-26525 | 2023-12-20 | WordPress Dokan Plugin <= 3.7.12 is vulnerable to SQL Injection |
| CVE-2023-49161 | 2023-12-20 | WordPress Bravo Translate Plugin <= 1.2 is vulnerable to SQL Injection |
| CVE-2023-49166 | 2023-12-20 | WordPress MSync Plugin <= 1.0.0 is vulnerable to SQL Injection |
| CVE-2023-49752 | 2023-12-20 | WordPress Adifier System Plugin < 3.1.4 is vulnerable to SQL Injection |
| CVE-2023-49269 | 2023-12-20 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) |
| CVE-2022-47599 | 2023-12-20 | WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection |
| CVE-2022-47597 | 2023-12-20 | WordPress Popup Maker Plugin <= 1.17.1 is vulnerable to Sensitive Data Exposure |
| CVE-2023-49814 | 2023-12-20 | WordPress Symbiostock Lite Plugin <= 6.0.0 is vulnerable to Arbitrary File Upload |
| CVE-2023-47784 | 2023-12-20 | WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload |
| CVE-2023-46149 | 2023-12-20 | WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload |
| CVE-2023-45603 | 2023-12-20 | WordPress User Submitted Posts Plugin <= 20230902 is vulnerable to Arbitrary File Upload |
| CVE-2023-40204 | 2023-12-20 | WordPress Folders Plugin <= 2.9.2 is vulnerable to Arbitrary File Upload |
| CVE-2023-34385 | 2023-12-20 | WordPress Export Import Menus Plugin <= 1.8.0 is vulnerable to Arbitrary File Upload |
| CVE-2023-34007 | 2023-12-20 | WordPress Download Monitor Plugin <= 4.8.3 is vulnerable to Arbitrary File Upload |
| CVE-2023-33318 | 2023-12-20 | WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File Upload |
| CVE-2023-31231 | 2023-12-20 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.65 is vulnerable to Arbitrary File Upload |
| CVE-2023-31215 | 2023-12-20 | WordPress Dropshipping & Affiliation with Amazon Plugin <= 2.1.2 is vulnerable to Arbitrary File Upload |
| CVE-2023-29384 | 2023-12-20 | WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.0 is vulnerable to Arbitrary File Upload |
| CVE-2023-29102 | 2023-12-20 | WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Upload |
| CVE-2023-28170 | 2023-12-20 | WordPress Theme Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Upload |
| CVE-2023-25970 | 2023-12-20 | WordPress Zendrop – Global Dropshipping Plugin <= 1.0.0 is vulnerable to Arbitrary File Upload |
| CVE-2023-49270 | 2023-12-20 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) |
| CVE-2023-49271 | 2023-12-20 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) |
| CVE-2023-23970 | 2023-12-20 | WordPress Corsa Theme <= 1.5 is vulnerable to Arbitrary File Upload |
| CVE-2023-49272 | 2023-12-20 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) |
| CVE-2022-44684 | 2023-12-20 | Windows Local Session Manager (LSM) Denial of Service Vulnerability |
| CVE-2023-48433 | 2023-12-20 | Online Voting System Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi) |
| CVE-2023-48434 | 2023-12-20 | Online Voting System Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi) |
| CVE-2023-46131 | 2023-12-20 | Grails® data binding causes JVM crash and/or DoS |
| CVE-2023-51390 | 2023-12-20 | Information Disclosure Vulnerability in Journalpump |
| CVE-2023-45703 | 2023-12-20 | HCL Launch is susceptible to a Denial of Service vulnerability |
| CVE-2023-29485 | 2023-12-21 | An issue was discovered in Heimdal Thor agent versions 3.4.2... |
| CVE-2023-29486 | 2023-12-21 | An issue was discovered in Heimdal Thor agent versions 3.4.2... |
| CVE-2023-29487 | 2023-12-21 | An issue was discovered in Heimdal Thor agent versions 3.4.2... |
| CVE-2023-48114 | 2023-12-21 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS... |
| CVE-2023-48115 | 2023-12-21 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM... |
| CVE-2023-48116 | 2023-12-21 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS... |
| CVE-2023-50473 | 2023-12-21 | Cross-Site Scripting (XSS) vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows... |
| CVE-2023-50475 | 2023-12-21 | An issue was discovered in bcoin-org bcoin version 2.2.0, allows... |
| CVE-2023-50477 | 2023-12-21 | An issue was discovered in nos client version 0.6.6, allows... |
| CVE-2023-50481 | 2023-12-21 | An issue was discovered in blinksocks version 3.3.8, allows remote... |
| CVE-2023-51048 | 2023-12-21 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-51049 | 2023-12-21 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-51050 | 2023-12-21 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-51051 | 2023-12-21 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-51052 | 2023-12-21 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-7020 | 2023-12-21 | Tongda OA 2017 view.php sql injection |
| CVE-2023-45700 | 2023-12-21 | HCL Launch is susceptible to an HTML injection vulnerability |
| CVE-2023-7021 | 2023-12-21 | Tongda OA 2017 delete_search.php sql injection |
| CVE-2023-28025 | 2023-12-21 | An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management |
| CVE-2023-7022 | 2023-12-21 | Tongda OA 2017 delete_all.php sql injection |
| CVE-2023-7023 | 2023-12-21 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-7025 | 2023-12-21 | KylinSoft hedron-domain-hook DBus init_kcm access control |