Lista CVE - 2023 / Agosto
Visualizzazione 2301 - 2400 di 2479 CVE per Agosto 2023 (Pagina 24 di 25)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-32742 | 2023-08-30 | WordPress WP SMS Plugin <= 6.1.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32801 | 2023-08-30 | WordPress WooCommerce Composite Products Plugin <= 8.7.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4600 | 2023-08-30 | The AffiliateWP for WordPress is vulnerable to unauthorized modification of... |
| CVE-2023-32802 | 2023-08-30 | WordPress WooCommerce Pre-Orders Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32793 | 2023-08-30 | WordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32746 | 2023-08-30 | WordPress WooCommerce Brands Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32597 | 2023-08-30 | WordPress Video Gallery Plugin <= 1.0.10 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25019 | 2023-08-30 | WordPress Chaty Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32962 | 2023-08-30 | WordPress WishSuite Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4624 | 2023-08-30 | Server-Side Request Forgery (SSRF) in bookstackapp/bookstack |
| CVE-2023-33208 | 2023-08-30 | WordPress Cookie Monster Plugin <= 1.51 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25462 | 2023-08-30 | WordPress WP htaccess Control Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33210 | 2023-08-30 | WordPress nuajik CDN Plugin <= 0.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33317 | 2023-08-30 | WordPress WooCommerce Warranty Requests Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33325 | 2023-08-30 | WordPress Leyka Plugin <= 3.30.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33320 | 2023-08-30 | WordPress WP-Hijri Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33929 | 2023-08-30 | WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27426 | 2023-08-30 | WordPress NotifyVisitors Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34187 | 2023-08-30 | WordPress Call Now Icon Animate Plugin <= 0.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34183 | 2023-08-30 | WordPress Unite Gallery Lite Plugin <= 1.7.61 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34184 | 2023-08-30 | WordPress Woocommerce Order address Print Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34176 | 2023-08-30 | WordPress Chilexpress woo oficial Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34175 | 2023-08-30 | WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34180 | 2023-08-30 | WordPress Google Fonts For WordPress Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34174 | 2023-08-30 | WordPress BBS e-Popup Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34173 | 2023-08-30 | WordPress Yandex Metrica Counter Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34172 | 2023-08-30 | WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34032 | 2023-08-30 | WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-3356 | 2023-08-30 | Subscribers Text Counter < 1.7.1 - Settings Update via CSRF to Stored XSS |
| CVE-2023-3720 | 2023-08-30 | Upload Media By URL < 1.0.8 - Stored XSS via CSRF |
| CVE-2023-3501 | 2023-08-30 | FormCraft < 1.2.7 - Admin+ Stored XSS |
| CVE-2023-4036 | 2023-08-30 | Simple Blog Card < 1.32 - Subscriber+ Arbitrary Post Access |
| CVE-2023-4035 | 2023-08-30 | Simple Blog Card < 1.31 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-4013 | 2023-08-30 | GDPR Cookie Compliance < 4.12.5 - License Update/Deactivation via CSRF |
| CVE-2023-4109 | 2023-08-30 | Ninja Forms < 3.6.26 - Admin+ Stored HTML Injection |
| CVE-2023-3992 | 2023-08-30 | PostX - Gutenberg Post Grid Blocks < 3.0.6 - Reflected Cross-Site Scripting |
| CVE-2023-1982 | 2023-08-30 | Front Editor <= 4.0.4 - Admin+ Stored XSS |
| CVE-2023-4023 | 2023-08-30 | All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR |
| CVE-2022-1601 | 2023-08-30 | User Access Manager < 2.2.18 - IP Spoofing |
| CVE-2023-4150 | 2023-08-30 | User Activity Tracking and Log < 4.0.9 - License Update/Deactivation via CSRF |
| CVE-2023-4209 | 2023-08-30 | POEditor < 0.9.8 - Settings Reset via CSRF |
| CVE-2023-34023 | 2023-08-30 | WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34022 | 2023-08-30 | WordPress Dynamic QR Code Generator Plugin <= 0.0.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34008 | 2023-08-30 | WordPress WP ERP Plugin <= 1.12.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34004 | 2023-08-30 | WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32294 | 2023-08-30 | WordPress GDPR Cookie Consent Notice Box Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34372 | 2023-08-30 | WordPress Download SpamReferrerBlock Plugin <= 2.22 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25453 | 2023-08-30 | WordPress WordPress Tables Plugin <= 1.3.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-35094 | 2023-08-30 | WordPress WP Matterport Shortcode Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-35092 | 2023-08-30 | WordPress breadcrumb simple Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25466 | 2023-08-30 | WordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28692 | 2023-08-30 | WordPress WP Abstracts Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28415 | 2023-08-30 | WordPress Side Cart Woocommerce (Ajax) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25471 | 2023-08-30 | WordPress WCP OpenWeather Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24397 | 2023-08-30 | WordPress Reservation.Studio widget Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24401 | 2023-08-30 | WordPress Mobile Call Now & Map Buttons Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27621 | 2023-08-30 | WordPress Livestream Notice Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-20266 | 2023-08-30 | A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager... |
| CVE-2023-40598 | 2023-08-30 | Command Injection in Splunk Enterprise Using External Lookups |
| CVE-2023-40595 | 2023-08-30 | Remote Code Execution via Serialized Session Payload |
| CVE-2023-40592 | 2023-08-30 | Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint |
| CVE-2023-4571 | 2023-08-30 | Unauthenticated Log Injection in Splunk IT Service Intelligence (ITSI) |
| CVE-2023-40594 | 2023-08-30 | Denial of Service (DoS) via the ‘printf’ Search Function |
| CVE-2023-40593 | 2023-08-30 | Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request |
| CVE-2023-40596 | 2023-08-30 | Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL |
| CVE-2023-40597 | 2023-08-30 | Absolute Path Traversal in Splunk Enterprise Using runshellscript.py |
| CVE-2023-4640 | 2023-08-30 | Set Logging Level Without Authentication |
| CVE-2023-41039 | 2023-08-30 | Sandbox escape via various forms of "format" in RestrictedPython |
| CVE-2023-36811 | 2023-08-30 | Archive spoofing vulnerability in borgbackup |
| CVE-2023-40582 | 2023-08-30 | Command Injection Vulnerability in find-exec |
| CVE-2023-40184 | 2023-08-30 | Improper handling of session establishment errors in xrdp |
| CVE-2023-41041 | 2023-08-30 | User session is still usable after logout in graylog2-server |
| CVE-2023-41040 | 2023-08-30 | GitPython blind local file inclusion |
| CVE-2023-23765 | 2023-08-30 | Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling |
| CVE-2023-3489 | 2023-08-30 | firmwaredownload command could log servers passwords in clear text |
| CVE-2023-39912 | 2023-08-31 | Zoho ManageEngine ADManager Plus before 7203 allows Help Desk Technician... |
| CVE-2023-41635 | 2023-08-31 | A XML External Entity (XXE) vulnerability in the VerifichePeriodiche.aspx component... |
| CVE-2023-41636 | 2023-08-31 | A SQL injection vulnerability in the Data Richiesta dal parameter... |
| CVE-2023-41637 | 2023-08-31 | An arbitrary file upload vulnerability in the Carica immagine function... |
| CVE-2023-41638 | 2023-08-31 | An arbitrary file upload vulnerability in the Gestione Documentale module... |
| CVE-2023-41640 | 2023-08-31 | An improper error handling vulnerability in the component ErroreNonGestito.aspx of... |
| CVE-2023-41642 | 2023-08-31 | Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component... |
| CVE-2023-41717 | 2023-08-31 | Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and... |
| CVE-2023-4652 | 2023-08-31 | Cross-site Scripting (XSS) - Stored in instantsoft/icms2 |
| CVE-2023-4653 | 2023-08-31 | Cross-site Scripting (XSS) - Stored in instantsoft/icms2 |
| CVE-2023-4651 | 2023-08-31 | Server-Side Request Forgery (SSRF) in instantsoft/icms2 |
| CVE-2023-4649 | 2023-08-31 | Session Fixation in instantsoft/icms2 |
| CVE-2023-4650 | 2023-08-31 | Improper Access Control in instantsoft/icms2 |
| CVE-2023-4655 | 2023-08-31 | Cross-site Scripting (XSS) - Reflected in instantsoft/icms2 |
| CVE-2023-4654 | 2023-08-31 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms2 |
| CVE-2023-4163 | 2023-08-31 | Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS |
| CVE-2023-4162 | 2023-08-31 | Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0 |
| CVE-2023-31925 | 2023-08-31 | Storage of clear text password in Brocade SANnav |
| CVE-2023-31423 | 2023-08-31 | Possible information exposure through log file vulnerability |
| CVE-2023-31424 | 2023-08-31 | Web authentication and authorization bypass |
| CVE-2023-4245 | 2023-08-31 | The WooCommerce PDF Invoice Builder for WordPress is vulnerable to... |
| CVE-2023-3999 | 2023-08-31 | The Waiting: One-click countdowns plugin for WordPress is vulnerable to... |
| CVE-2023-2229 | 2023-08-31 | The Quick Post Duplicator for WordPress is vulnerable to SQL... |
| CVE-2023-0689 | 2023-08-31 | The Metform Elementor Contact Form Builder for WordPress is vulnerable... |
| CVE-2023-4161 | 2023-08-31 | The WooCommerce PDF Invoice Builder for WordPress is vulnerable to... |