CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43894 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-28991	1 Piwebsolution	1 Pi-woocommerce-order-date-time-and-type	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions.
CVE-2023-28988	1 Piwebsolution	1 Add-to-cart-direct-checkout-for-woocommerce	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions.
CVE-2023-28933	1 Stpetedesign	1 Call Now Accessibility Button	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StPeteDesign Call Now Accessibility Button plugin <= 1.1 versions.
CVE-2023-28931	1 Never5	1 Post Connector	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions.
CVE-2023-28884	1 Misp-project	1 Malware Information Sharing Platform	2024-11-21	6.1 Medium
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
CVE-2023-28875	1 Afian	1 Filerun	2024-11-21	5.4 Medium
A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows attackers to inject JavaScript code that is executed when a user follows the crafted share link.
CVE-2023-28873	1 Seafile	1 Seafile	2024-11-21	5.4 Medium
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor.
CVE-2023-28819	1 Concretecms	1 Concrete Cms	2024-11-21	3.5 Low
Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 through 9.0.2 is vulnerable to Stored XSS in uploaded file and folder names.
CVE-2023-28790	1 Simple Staff List Project	1 Simple Staff List	2024-11-21	5.9 Medium
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Brett Shumaker Simple Staff List plugin <= 2.2.3 versions.
CVE-2023-28785	1 Yoast	1 Yoast Seo	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.9 versions.
CVE-2023-28784	1 Contest-gallery	1 Contest Gallery	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 21.1.2 versions.
CVE-2023-28783	1 Phpradar	1 Woocommerce Tip\/donation	2024-11-21	5.9 Medium
Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions.
CVE-2023-28779	1 Simplecoding	1 Terms Descriptions	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vladimir Statsenko Terms descriptions plugin <= 3.4.4 versions.
CVE-2023-28778	1 Bestwebsoft	1 Pagination	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions.
CVE-2023-28776	1 I13websolution	1 Continuous Image Carousel With Lightbox	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.
CVE-2023-28774	1 Grade	1 Review Stream	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Grade Us, Inc. Review Stream plugin <= 1.6.5 versions.
CVE-2023-28773	1 Kolja-nolte	1 Secondary Title	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kolja Nolte Secondary Title plugin <= 2.0.9.1 versions.
CVE-2023-28750	1 Albo Pretorio On Line Project	1 Albo Pretorio On Line	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6 versions.
CVE-2023-28695	1 Vigilantor Project	1 Vigilantor	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Drew Phillips VigilanTor plugin <= 1.3.10 versions.
CVE-2023-28693	1 Balasahebbhise	1 Advanced Youtube Channel Pagination	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version.

« first previous Page 1530 of 2195. next last »