CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43910 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-33326	1 Metagauss	1 Eventprime	2024-11-21	7.1 High
Unauth. Reflected (XSS) Cross-Site Scripting (XSS) vulnerability in EventPrime plugin <= 2.8.6 versions.
CVE-2023-33325	1 Te-st	1 Leyka	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.1 versions.
CVE-2023-33323	1 Reputeinfosystems	1 Armember	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= 4.0.2 versions.
CVE-2023-33319	1 Woocommerce	1 Automatewoo	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.
CVE-2023-33317	1 Woocommerce	1 Returns And Warranty Requests	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Returns and Warranty Requests plugin <= 2.1.6 versions.
CVE-2023-33312	1 Easy Captcha Project	1 Easy Captcha	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wppal Easy Captcha plugin <= 1.0 versions.
CVE-2023-33311	1 Crmperks	1 Contact Form Entries - Contact Form 7 Wpforms And More	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in CRM Perks Contact Form Entries plugin <= 1.3.0 versions.
CVE-2023-33309	1 Awesomemotive	1 Duplicator	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions.
CVE-2023-33304	1 Fortinet	1 Forticlient	2024-11-21	4.4 Medium
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.
CVE-2023-33257	1 Verint	1 Engagement Management	2024-11-21	5.4 Medium
Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat.
CVE-2023-33231	1 Solarwinds	1 Database Performance Analyzer	2024-11-21	6.1 Medium
XSS attack was possible in DPA 2023.2 due to insufficient input validation
CVE-2023-33216	1 Gvectors	1 Woodiscuz - Woocommerce Comments	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments woodiscuz-woocommerce-comments allows Stored XSS.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.2.9.
CVE-2023-33213	1 Gvectors	1 Wpview	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Display Custom Fields – wpView plugin <= 1.3.0 versions.
CVE-2023-33210	1 Nuajik	1 Nuajik-cdn	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nuajik plugin <= 0.1.0 versions.
CVE-2023-33208	1 Cookie Monster Project	1 Cookie Monster	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gsmith Cookie Monster plugin <= 1.51 versions.
CVE-2023-32965	1 Crudlab	1 Jazz Popups	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CRUDLab Jazz Popups plugin <= 1.8.7 versions.
CVE-2023-32962	1 Hasthemes	1 Wishsuite	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in HasTheme WishSuite – Wishlist for WooCommerce plugin <= 1.3.4 versions.
CVE-2023-32961	1 Zotpress Project	1 Zotpress	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.3 versions.
CVE-2023-32958	1 Nosegraze	1 Novelist	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nose Graze Novelist plugin <= 1.2.0 versions.
CVE-2023-32957	1 Dazzlersoft	1 Team Members Showcase	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dazzlersoft Team Members Showcase plugin <= 1.3.4 versions.

« first previous Page 1518 of 2196. next last »