Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43996 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-46081 1 Lava-code 1 Lava Directory Manager 2024-11-21 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Lavacode Lava Directory Manager plugin <= 1.1.34 versions.
CVE-2023-46077 1 Arrowplugins 1 The Awesome Feed 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.
CVE-2023-46076 1 Rednao 1 Woocommerce Pdf Invoice Builder 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.102 versions.
CVE-2023-46075 1 Wpdevart 1 Contact Form Builder 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Contact Form Builder, Contact Widget plugin <= 2.1.6 versions.
CVE-2023-46074 1 Borbis 1 Freshmail For Wordpress 2024-11-21 5.8 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Borbis Media FreshMail For WordPress plugin <= 2.3.2 versions.
CVE-2023-46072 1 Add Shortcodes Actions And Filters Project 1 Add Shortcodes Actions And Filters 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions.
CVE-2023-46071 1 Clickdatos 1 Proteccion De Datos Rgpd 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protección de Datos RGPD plugin <= 3.1.0 versions.
CVE-2023-46070 1 Egeorjon 1 Eg-attachments 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Emmanuel GEORJON EG-Attachments plugin <= 2.1.3 versions.
CVE-2023-46069 1 Osmansorkar 1 Ajax Archive Calendar 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Osmansorkar Ajax Archive Calendar plugin <= 2.6.7 versions.
CVE-2023-46068 1 Maileon 1 Maileon 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XQueue GmbH Maileon for WordPress plugin <= 2.16.0 versions.
CVE-2023-46066 1 Codedraft 1 Mediabay - Wordpress Media Library Folders 2024-11-21 5.9 Medium
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Codedrafty Mediabay – Media Library Folders plugin <= 1.6 versions.
CVE-2023-46059 1 Geeklog 1 Geeklog 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
CVE-2023-46058 1 Geeklog 1 Geeklog 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
CVE-2023-46054 1 Wbce 1 Wbce Cms 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component.
CVE-2023-46040 1 Get-simple 1 Getsimplecms 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function.
CVE-2023-46026 1 Phpgurukul 1 Teacher Subject Allocation Management System 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters.
CVE-2023-46020 1 Code-projects 1 Blood Bank 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
CVE-2023-46019 1 Code-projects 1 Blood Bank 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
CVE-2023-46016 1 Code-projects 1 Blood Bank 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
CVE-2023-46015 1 Code-projects 1 Blood Bank 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.