Export limit exceeded: 46001 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46001 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40674 | 1 Getlasso | 1 Simple Urls | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored XSS.This issue affects Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management: from n/a through 118. | ||||
| CVE-2023-40332 | 1 Lesterchan | 1 Wp-postratings | 2026-04-28 | 5.3 Medium |
| Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91. | ||||
| CVE-2023-40000 | 1 Litespeedtech | 1 Litespeed Cache | 2026-04-28 | 8.3 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||||
| CVE-2023-39926 | 1 Acurax | 1 Under Construction \/ Maintenance Mode | 2026-04-28 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin <= 2.6 versions. | ||||
| CVE-2023-39921 | 1 Amitzy | 1 Molongui | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through 4.6.19. | ||||
| CVE-2023-39306 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-38474 | 1 Campaignmonitor | 1 Campaign Monitor | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12. | ||||
| CVE-2023-38400 | 1 Kriesi | 1 Enfold | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4. | ||||
| CVE-2023-34018 | 1 Soundcloud | 1 Soundcloud Shortcode | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 3.1.0. | ||||
| CVE-2023-33322 | 1 Etoilewebdesign | 1 Front End Users | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25. | ||||
| CVE-2023-33216 | 1 Gvectors | 1 Woodiscuz - Woocommerce Comments | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments woodiscuz-woocommerce-comments allows Stored XSS.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.2.9. | ||||
| CVE-2023-32291 | 1 Monsterinsights | 1 Monsterinsights | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MonsterInsights Pro allows Stored XSS.This issue affects MonsterInsights Pro: from n/a through 8.14.1. | ||||
| CVE-2023-32237 | 2026-04-28 | 5.4 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery) allows Stored XSS.This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | ||||
| CVE-2023-30487 | 1 Thimpress | 1 Learnpress | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThimPress LearnPress Export Import plugin <= 4.0.2 versions. | ||||
| CVE-2023-30492 | 1 Varktech | 1 Minimum Purchase For Woocommerce | 2026-04-28 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vark Minimum Purchase for WooCommerce plugin <= 2.0.0.1 versions. | ||||
| CVE-2023-29236 | 1 Cththemes | 1 Outdoor | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Outdoor theme <= 3.9.6 versions. | ||||
| CVE-2023-28687 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4. | ||||
| CVE-2023-28621 | 1 Wishfulthemes | 2 Raise Mag, Wishful Blog | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishfulthemes Raise Mag, Wishfulthemes Wishful Blog themes allows Reflected XSS.This issue affects Raise Mag: from n/a through 1.0.7; Wishful Blog: from n/a through 2.0.1. | ||||
| CVE-2023-28418 | 1 Mediciti Lite Project | 1 Mediciti Lite | 2026-04-28 | 7.1 High |
| Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions. | ||||
| CVE-2023-27627 | 1 Eggemplo | 1 Woocommerce Email Report | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions. | ||||