CVE List - 2023 / November
Showing 2401 - 2443 of 2443 CVEs for November 2023 (Page 25 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-48317 | 2023-11-30 | WordPress Display Custom Post Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48272 | 2023-11-30 | WordPress Maspik – Spam blacklist Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47877 | 2023-11-30 | WordPress Perfmatters Plugin < 2.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47876 | 2023-11-30 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47872 | 2023-11-30 | WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47853 | 2023-11-30 | WordPress myCred Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47848 | 2023-11-30 | WordPress Tainacan Plugin <= 0.20.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31176 | 2023-11-30 | Insufficient entropy vulnerability could lead to authentication bypass |
| CVE-2023-31177 | 2023-11-30 | Improper neutralizataion of input could lead to execution of arbitrary code |
| CVE-2023-34388 | 2023-11-30 | Improper authentication could lead to session hijacking |
| CVE-2023-47844 | 2023-11-30 | WordPress Grab & Save Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34389 | 2023-11-30 | Allocation of resources without limits could lead to denial of service |
| CVE-2023-34390 | 2023-11-30 | Improper input validation could lead to denial of service |
| CVE-2023-2264 | 2023-11-30 | Improper input validition could lead to code injection |
| CVE-2023-2265 | 2023-11-30 | Improper restriction of rendered UI layers or frames could lead to clickjacking attack |
| CVE-2023-38400 | 2023-11-30 | WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2266 | 2023-11-30 | Improper neutralization of input during web page generation could lead to cross-site scripting based attacks |
| CVE-2023-2267 | 2023-11-30 | Improper input validation could lead to reflection injection attacks |
| CVE-2023-47521 | 2023-11-30 | WordPress Q2W3 Post Order Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-6438 | 2023-11-30 | Thecosy IceCMS Like improper enforcement of a single, unique action |
| CVE-2023-34018 | 2023-11-30 | WordPress SoundCloud Shortcode Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47870 | 2023-11-30 | WordPress wpForo Forum Plugin <= 2.2.6 is vulnerable to Broken Access Control and Cross Site Request Forgery (CSRF) |
| CVE-2023-6342 | 2023-11-30 | Tyler Technologies Court Case Management Plus "pay for print" allows authentication bypass |
| CVE-2023-6341 | 2023-11-30 | Catalis CM360 allows authentication bypass |
| CVE-2023-6343 | 2023-11-30 | Tyler Technologies Court Case Management Plus use of Aquaforest TIFF Server tssp.aspx allows authentication bypass |
| CVE-2023-6344 | 2023-11-30 | Tyler Technologies Court Case Management Plus use of Aquaforest TIFF Server te003.aspx and te004.aspx allows authentication bypass |
| CVE-2023-6353 | 2023-11-30 | Tyler Technologies Civil and Criminal Electronic Filing Upload.aspx allows authentication bypass |
| CVE-2023-6354 | 2023-11-30 | Tyler Technologies Magistrate Court Case Management Plus PDFViewer.aspx allows authentication bypass |
| CVE-2023-6375 | 2023-11-30 | Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely |
| CVE-2023-6376 | 2023-11-30 | Henschen & Associates court document management software cache uses predictable file names |
| CVE-2023-6352 | 2023-11-30 | Aquaforest TIFF Server default configuration allows access to arbitrary files |
| CVE-2023-6439 | 2023-11-30 | ZenTao PMS cross site scripting |
| CVE-2023-6440 | 2023-11-30 | SourceCodester Book Borrower System add-book.php cross site scripting |
| CVE-2023-6442 | 2023-11-30 | PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting |
| CVE-2023-49735 | 2023-11-30 | Apache Tiles: Unvalidated input may lead to path traversal and XXE |
| CVE-2023-5908 | 2023-11-30 | Heap Based Buffer Overflow in PTC KEPServerEx |
| CVE-2023-39226 | 2023-11-30 | Delta Electronics InfraSuite Device Master Exposed Dangerous Method Or Function |
| CVE-2023-5909 | 2023-11-30 | Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx |
| CVE-2023-46690 | 2023-11-30 | Delta Electronics InfraSuite Device Master Path Traversal |
| CVE-2023-47207 | 2023-11-30 | Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data |
| CVE-2023-47279 | 2023-11-30 | Delta Electronics InfraSuite Device Master Path Traversal |
| CVE-2023-42916 | 2023-11-30 | An out-of-bounds read was addressed with improved input validation. This... |
| CVE-2023-42917 | 2023-11-30 | A memory corruption vulnerability was addressed with improved locking. This... |