CWE:
 

Topic
Date
Author
Low
WorkOrder CMS 0.1.0 Cross Site Scripting
24.09.2022
Chokri Hammedi
Low
Multix 2.4 Cross Site Scripting
24.09.2022
th3d1gger
Low
Testa 3.5.1 Online Test Management System Reflected Cross-Site Scripting (XSS)
24.09.2022
Ashkan Moghaddas
Low
WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting
20.09.2022
Mariam Tariq
Low
News247 News Magazine 1.0 Cross Site Scripting
15.09.2022
Ravinder Verma
Low
ETAP Safety Manager 1.0.0.32 Cross Site Scripting
13.09.2022
LiquidWorm
Low
Rocket LMS 1.6 Cross Site Scripting
13.09.2022
th3d1gger
Low
mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting
11.09.2022
Chokri Hammedi
Med.
OX App Suite Cross Site Scripting / Command Injection
02.09.2022
Martin Heiland
Low
WordPress Netroics Blog Posts Grid 1.0 Cross Site Scripting
02.09.2022
yunaranyancat
Med.
WordPress Core Cross Site Scripting / SQL Injection
31.08.2022
Khalilov Moe
Med.
FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS
20.08.2022
Samy Younsi
Low
Inout SiteSearch 2.0.1 Cross Site Scripting
15.08.2022
CraCkEr
High
Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow
14.08.2022
Google Security Resear...
Low
Fiberhome AN5506-02-B Cross Site Scripting
12.08.2022
Leonardo Goncalves
Low
Intelbras ATA 200 Cross Site Scripting
12.08.2022
Leonardo Goncalves
Low
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting
06.08.2022
yunaranyancat
Low
WordPress WP-UserOnline 2.87.6 Cross Site Scripting
03.08.2022
Steffin Stanly
Low
Wavlink WN533A8 Cross Site Scripting
02.08.2022
Ahmed Alroky
Low
Transposh WordPress Translation 1.0.7 Cross Site Scripting
01.08.2022
Julien Ahrens
Med.
WordPress Plugin WP-UserOnline 2.87.6 Stored Cross-Site Scripting (XSS)
01.08.2022
Steffin Stanly
Low
Loan Management System 1.0 Cross Site Scripting
29.07.2022
saitamang
Low
Magnolia CMS 6.2.19 Cross Site Scripting
10.07.2022
Giulio Garzia
Low
EQS Integrity Line Cross Site Scripting / Information Disclosure
06.07.2022
Giovanni Pellerano
Low
Paymoney 3.3 Cross Site Scripting
04.07.2022
nu11secur1ty
Low
BigBlueButton 2.3 / 2.4.7 Cross Site Scripting
02.07.2022
Rick Verdoes
Low
WSO2 Management Console Cross Site Scripting
28.06.2022
cxosmo
Low
Mailhog 1.0.1 Stored Cross-Site Scripting (XSS)
28.06.2022
Vulnz
Med.
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
22.06.2022
Steffen Robertz
Low
SAP Fiori Launchpad Cross Site Scripting
22.06.2022
Yvan Genuer
Low
SAP FRUN 2.00 / 3.00 Cross Site Scripting
22.06.2022
Yvan Genuer
Low
WordPress Download Manager 3.2.43 Cross Site Scripting
22.06.2022
Andrea Bocchetti
Med.
JM-DATA ONU JF511-TV 1.0.67 / 1.0.62 / 1.0.55 XSS / CSRF / Open Redirect
20.06.2022
Neurogenesia
Low
SolarView Compact 6.00 Cross Site Scripting
20.06.2022
Ahmed Alroky
High
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
20.06.2022
Gerhard Hechenberger
Low
SolarView Compact 6.00 pow Cross-Site Scripting (XSS)
17.06.2022
Ahmed Alroky
Low
WordPress Download Manager 3.2.42 Cross Site Scripting
11.06.2022
Rafie Muhammad
Med.
Product Show Room Site 1.0 Cross Site Scripting
05.06.2022
webraybtl
Low
Contao 4.13.2 Cross Site Scripting
04.06.2022
Chetanya Sharma
Low
Fast Food Ordering System 1.0 Cross Site Scripting
31.05.2022
Ashish Kumar
Low
PHPIPAM 1.4.4 Cross Site Request Forgery / Cross Site Scripting
22.05.2022
Rodolfo Tavares
Low
LiquidFiles 3.4.15 Cross Site Scripting
22.05.2022
Rodolfo Tavares
Low
Survey Sparrow Enterprise Survey Software 2022 Cross Site Scripting
19.05.2022
Pankaj Kumar Thakur
Low
Emby Media Server 4.7.0.60 Cross Site Scripting
19.05.2022
Yehia Elghaly
Low
T-Soft E-Commerce 4 Cross Site Scripting
17.05.2022
Alperen Ergel
Low
Cyclos 4.14.7 groupId DOM Based Cross-Site Scripting (XSS)
17.05.2022
Tin Pham
Low
Showdoc 2.10.3 Stored Cross-Site Scripting (XSS)
17.05.2022
Akshay Ravi
High
e107 CMS 3.2.1 Arbitrary File Upload / Cross Site Scripting
11.05.2022
Hubert Wojciechowski
Low
WordPress Stafflist 3.1.2 Cross Site Scripting
03.05.2022
Hassan Khan Yusufzai
Low
Gitlab 14.9 Cross Site Scripting
26.04.2022
stacksmashing
Low
WordPress Coru LFMember 1.0.2 Cross Site Scripting
26.04.2022
Mariam Tariq
Low
WordPress WP-Invoice 4.3.1 Cross Site Scripting
26.04.2022
Mariam Tariq
Low
WordPress Videos Sync PDF 1.7.4 Cross Site Scripting
24.04.2022
UnD3sc0n0c1d0
Low
WordPress Popup Maker 1.16.5 Cross Site Scripting
24.04.2022
Roel van Beurden
Low
PKP Open Journals System 3.3 Cross Site Scripting
19.04.2022
Hemant Kashyap
Low
Delta Controls enteliTOUCH 3.40.3935 Cross Site Scripting
17.04.2022
LiquidWorm
Low
ICT Protege GX/WX 2.08 Stored Cross-Site Scripting (XSS)
11.04.2022
LiquidWorm
Low
WordPress Anti-Malware Security And Brute-Force Firewall Cross Site Scripting
11.04.2022
Taurus Omar
Low
AeroCMS 0.0.1 Cross Site Scripting
08.04.2022
D4rkP0w4r
Low
Reprise License Manager 14.2 Cross Site Scripting / Information Disclosure
08.04.2022
Giulia Melotti Garibal...
Low
Social Codia SMS 1 Cross Site Scripting
08.04.2022
D4rkP0w4r
Low
minewebcms 1.15.2 Cross Site Scripting
07.04.2022
Chetanya Sharma
Low
Opmon 9.11 Cross Site Scripting
07.04.2022
p3tryx
Low
WordPress CleanTalk 5.173 Cross Site Scripting
01.04.2022
Ramuel Gall
Low
WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting
01.04.2022
Hassan Khan Yusufzai
Low
Message System 1.0 Cross Site Scripting
31.03.2022
Hejap Zairy
Low
WordPress Easy Cookie Policy 1.6.2 Cross Site Scripting
30.03.2022
0xB9
Low
WordPress Donorbox-Donation-Form 7.1.6 Cross Site Scripting
30.03.2022
Hassan Khan Yusufzai
Low
WordPress Clipr 1.2.3 Cross Site Scripting
30.03.2022
Hassan Khan Yusufzai
Low
SAP Knowledge Warehouse 7.50 / 7.40 / 7.31 / 7.30 Cross Site Scripting
24.03.2022
Julien Ahrens
Low
WordPress Akismet Spam Protection 4.2.2 Cross Site Scripting
24.03.2022
Milad Karimi
Low
Drupal Avatar Upload 7.x-1.0-beta8 Cross Site Scripting
24.03.2022
Milad Karimi
Med.
OX App Suite 7.10.5 Cross Site Scripting
22.03.2022
Martin Heiland
Low
ICT Protege GX/WX 2.08 Cross Site Scripting
22.03.2022
LiquidWorm
Low
Simple Mobile Comparison Website 1.0 Cross Site Scripting
18.03.2022
Ayedh AlQahtani
Low
BuilderTorCTPHPRAT.b Cross Site Scripting
17.03.2022
malvuln
Low
DEOS AG OPEN 710/810 Cross Site Scripting
10.03.2022
n4pst3r
Low
Zyxel ZyWALL 2 Plus Cross Site Scripting
04.03.2022
Momen Eldawakhly
Low
Cipi Control Panel 3.1.15 Cross Site Scripting
03.03.2022
Fikrat Ghuliev
Low
WordPress Photoswipe Masonry Gallery 1.2.14 Cross Site Scripting
26.02.2022
Chloe Chamberland
Low
Network Video Recorder NVR304-16EP Reflected Cross-Site Scripting (XSS) (Unauthenticated)
23.02.2022
Luis Martinez
Low
WordPress 99robots Header Footer Code Manager 1.1.16 Cross Site Scripting
22.02.2022
Ramuel Gall
Low
Agirhnet 1.0 Cross Site Scripting
22.02.2022
Daniel Martinez Adan
Med.
Car Portal Template Cross Site Scripting
20.02.2022
Vulnerability Laborato...
Low
Fortinet Fortimail 7.0.1 Cross Site Scripting
20.02.2022
Braiant Giraldo Villa
Low
WordPress Cozmoslabs Profile Builder 3.6.1 Cross Site Scripting
17.02.2022
Chloe Chamberland
High
Zyxel Buffer Overflow / File Disclosure / CSRF / XSS / Broken Access Control
17.02.2022
Stefan Viehbock
Low
MartFury Marketplace Cross Site Scripting
17.02.2022
Vulnerability Laborato...
Low
Network Video Recorder NVR304-16EP Cross Site Scripting
16.02.2022
Luis Martinez
Low
WordPress Plugin Post Grid 2.1.1 Cross Site Scripting (XSS)
14.02.2022
0xB9
Low
WordPress Plugin CP Blocks 1.0.14 Stored Cross Site Scripting (XSS)
09.02.2022
Shweta Mahajan
Low
WordPress Plugin Product Slider for WooCommerce 1.13.21 Cross Site Scripting (XSS)
08.02.2022
0xB9
Low
WordPress CP Blocks 1.0.14 Cross Site Scripting
08.02.2022
Shweta Mahajan
Low
WordPress Security Audit 1.0.0 Cross Site Scripting
08.02.2022
Shweta Mahajan
Med.
Shopmetrics Mystery Shopping Software Broken Access Control / XSS
07.02.2022
A. Vodyasov
Low
WordPress IP2Location Country Blocker 2.26.7 Cross Site Scripting
07.02.2022
Ahmet Serkan Ari
Low
Rocket LMS 1.1 Persistent Cross Site Scripting (XSS)
07.02.2022
Vulnerability-Lab
Med.
WordPress International SMS For Contact Form 7 Integration 1.2 XSS
07.02.2022
Milad Karimi
Low
WordPress Post Grid 2.1.1 Cross Site Scripting
04.02.2022
0xB9
Low
WordPress Product Slider For WooCommerce 1.13.21 Cross Site Scripting
03.02.2022
0xB9


CVEMAP Search Results

CVE
Details
Description
2022-09-24
Waiting for details
CVE-2022-23461

Updating...
 

 
Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting specially constructed input. This issue has not been fully patched. There are no known workarounds.

 
2022-09-23
Waiting for details
CVE-2022-39239

Updating...
 

 
netlify-ipx is an on-Demand image optimization for Netlify using ipx. In versions prior to 1.2.3, an attacker can bypass the source image domain allowlist by sending specially crafted headers, causing the handler to load and return arbitrary images. Because the response is cached globally, this image will then be served to visitors without requiring those headers to be set. XSS can be achieved by requesting a malicious SVG with embedded scripts, which would then be served from the site domain. Note that this does not apply to images loaded in `<img>` tags, as scripts do not execute in this context. The image URL can be set in the header independently of the request URL, meaning any site images that have not previously been cached can have their cache poisoned. This problem has been fixed in version 1.2.3. As a workaround, cached content can be cleared by re-deploying the site.

 
Waiting for details
CVE-2022-40672

Updating...
 

 
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CPO Shortcodes plugin <= 1.5.0 at WordPress.

 
Waiting for details
CVE-2022-40195

Updating...
 

 
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PCA Predict plugin <= 1.0.3 at WordPress.

 
Waiting for details
CVE-2022-40193

Updating...
 

 
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.

 
Waiting for details
CVE-2022-38460

Updating...
 

 
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in NOTICE BOARD plugin <= 1.1 at WordPress.

 
Waiting for details
CVE-2022-37342

Updating...
 

 
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability Add Shortcodes Actions And Filters plugin <= 2.0.9 at WordPress.

 
Waiting for details
CVE-2022-36791

Updating...
 

 
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Awesome UG Torro Forms plugin <= 1.0.16 at WordPress.

 
Waiting for details
CVE-2022-40213

Updating...
 

 
Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in GS Testimonial Slider plugin <= 1.9.6 at WordPress.

 
Waiting for details
CVE-2022-3144

Updating...
 

 

 

 


Copyright 2022, cxsecurity.com

 

Back to Top