Show filters
111 Total Results
Displaying 81-90 of 111
Sort by:
Attacker Value
Unknown
CVE-2023-25981
Disclosure Date: August 25, 2023 (last updated October 08, 2023)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions.
0
Attacker Value
Unknown
CVE-2023-23828
Disclosure Date: August 10, 2023 (last updated October 08, 2023)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Swashata WP Category Post List Widget plugin <= 2.0.3 versions.
0
Attacker Value
Unknown
CVE-2023-28931
Disclosure Date: August 08, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions.
0
Attacker Value
Unknown
CVE-2023-25459
Disclosure Date: August 08, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions.
0
Attacker Value
Unknown
CVE-2023-25063
Disclosure Date: August 08, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anadnet Quick Page/Post Redirect Plugin plugin <= 5.2.3 versions.
0
Attacker Value
Unknown
CVE-2023-34644
Disclosure Date: July 31, 2023 (last updated October 08, 2023)
Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth.
0
Attacker Value
Unknown
CVE-2023-33329
Disclosure Date: July 18, 2023 (last updated October 08, 2023)
Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Hijiri Custom Post Type Generator plugin <= 2.4.2 versions.
0
Attacker Value
Unknown
CVE-2023-27413
Disclosure Date: June 22, 2023 (last updated October 08, 2023)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Shazzad Hossain Khan W4 Post List plugin <= 2.4.4 versions.
0
Attacker Value
Unknown
CVE-2023-34409
Disclosure Date: June 06, 2023 (last updated October 08, 2023)
In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticated API routes, to access otherwise protected API routes leading to escalation of privileges and information disclosure.
0
Attacker Value
Unknown
CVE-2022-32970
Disclosure Date: May 10, 2023 (last updated October 08, 2023)
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Themify Themify Portfolio Post plugin <= 1.2.4 versions.
0
