CVE List - 2023 / December
Showing 2501 - 2600 of 2674 CVEs for December 2023 (Page 26 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-51431 | 2023-12-29 | Some Honor products are affected by incorrect privilege assignment vulnerability,... |
| CVE-2023-51432 | 2023-12-29 | Some Honor products are affected by out of bounds read... |
| CVE-2023-51433 | 2023-12-29 | Some Honor products are affected by incorrect privilege assignment vulnerability,... |
| CVE-2023-51434 | 2023-12-29 | Some Honor products are affected by buffer overflow vulnerability, successful... |
| CVE-2023-51435 | 2023-12-29 | Some Honor products are affected by incorrect privilege assignment vulnerability,... |
| CVE-2023-7150 | 2023-12-29 | Campcodes Chic Beauty Salon Product product-list.php unrestricted upload |
| CVE-2023-7152 | 2023-12-29 | MicroPython modselect.c poll_set_add_fd use after free |
| CVE-2023-7155 | 2023-12-29 | SourceCodester Free and Open Source Inventory Management System edit_product.php sql injection |
| CVE-2023-7156 | 2023-12-29 | Campcodes Online College Library System Search index.php sql injection |
| CVE-2023-7157 | 2023-12-29 | SourceCodester Free and Open Source Inventory Management System sell_return_data.php sql injection |
| CVE-2023-7158 | 2023-12-29 | MicroPython objslice.c slice_indices heap-based overflow |
| CVE-2023-7159 | 2023-12-29 | gopeak MasterLab User.php update unrestricted upload |
| CVE-2023-7160 | 2023-12-29 | SourceCodester Engineers Online Portal Add Engineer cross site scripting |
| CVE-2023-7161 | 2023-12-29 | Netentsec NS-ASG Application Security Gateway Login sql injection |
| CVE-2023-22676 | 2023-12-29 | WordPress Advanced Custom Fields: Image Crop Add-on Plugin <= 1.4.12 is vulnerable to Broken Access Control |
| CVE-2023-7166 | 2023-12-29 | Novel-Plus HTTP POST Request updateUserInfo cross site scripting |
| CVE-2023-22677 | 2023-12-29 | WordPress WP Booklet Plugin <= 2.1.8 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-25054 | 2023-12-29 | WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-32095 | 2023-12-29 | WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-40606 | 2023-12-29 | WordPress Kanban Boards for WordPress Plugin <= 2.5.21 is vulnerable to Arbitrary Code Execution |
| CVE-2023-45751 | 2023-12-29 | WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-46623 | 2023-12-29 | WordPress WP EXtra Plugin <= 6.2 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-47840 | 2023-12-29 | WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-49830 | 2023-12-29 | WordPress Astra Pro Plugin <= 4.3.1 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-51420 | 2023-12-29 | WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE) |
| CVE-2023-4462 | 2023-12-29 | Poly VVX 601 Web Configuration Application random values |
| CVE-2023-4463 | 2023-12-29 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 HTTP Header denial of service |
| CVE-2023-4464 | 2023-12-29 | Poly VVX 601 Diagnostic Telnet Mode os command injection |
| CVE-2023-4465 | 2023-12-29 | Poly VVX 601 Configuration File Import unverified password change |
| CVE-2023-4466 | 2023-12-29 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 Web Interface protection mechanism |
| CVE-2023-4467 | 2023-12-29 | Poly Trio 8800 Test Automation Mode backdoor |
| CVE-2023-4468 | 2023-12-29 | Poly Trio 8500/Trio 8800/Trio C60 Poly Lens Management Cloud Registration authorization |
| CVE-2022-44589 | 2023-12-29 | WordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data Exposure |
| CVE-2023-28786 | 2023-12-29 | WordPress Solid Security Plugin <= 8.1.4 is vulnerable to Open Redirection |
| CVE-2023-31095 | 2023-12-29 | WordPress Integration for Contact Form 7 HubSpot Plugin <= 1.2.8 is vulnerable to Open Redirection |
| CVE-2023-31229 | 2023-12-29 | WordPress WP Directory Kit Plugin <= 1.1.9 is vulnerable to Open Redirection |
| CVE-2023-31237 | 2023-12-29 | WordPress Zephyr Project Manager Plugin <= 3.3.9 is vulnerable to Open Redirection |
| CVE-2023-32101 | 2023-12-29 | WordPress Library Viewer Plugin <= 2.0.6 is vulnerable to Open Redirection |
| CVE-2023-32517 | 2023-12-29 | WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection |
| CVE-2023-52135 | 2023-12-29 | WordPress WS Form LITE Plugin <= 1.9.170 is vulnerable to SQL Injection |
| CVE-2023-51541 | 2023-12-29 | WordPress Stock Ticker Plugin <= 3.23.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51399 | 2023-12-29 | WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51397 | 2023-12-29 | WordPress WP Remote Site Search Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51396 | 2023-12-29 | WordPress Brizy – Page Builder Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51374 | 2023-12-29 | WordPress ZeroBounce Email Verification & Validation Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51372 | 2023-12-29 | WordPress HashBar – WordPress Notification Bar Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51373 | 2023-12-29 | WordPress Google Photos Gallery with Shortcodes Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51371 | 2023-12-29 | WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-51361 | 2023-12-29 | WordPress Sticky Chat Widget Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50901 | 2023-12-29 | WordPress HT Mega Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50896 | 2023-12-29 | WordPress weForms Plugin <= 1.6.17 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50893 | 2023-12-29 | WordPress UpSolution Core Plugin <= 8.17.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50892 | 2023-12-29 | WordPress TheGem Theme <= 5.9.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50891 | 2023-12-29 | WordPress Zoho Forms Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50889 | 2023-12-29 | WordPress Beaver Builder Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50881 | 2023-12-29 | WordPress Advanced Access Manager Plugin <= 6.9.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50880 | 2023-12-29 | WordPress BuddyPress Plugin <= 11.3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50879 | 2023-12-29 | WordPress WordPress.com Editing Toolkit Plugin <= 3.78784 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41813 | 2023-12-29 | User notification settings edition |
| CVE-2023-50837 | 2023-12-29 | WordPress Login Lockdown Plugin <= 2.06 is vulnerable to SQL Injection |
| CVE-2023-41814 | 2023-12-29 | XSS Vulnerability Messages |
| CVE-2023-41815 | 2023-12-29 | XSS in File manager |
| CVE-2023-44088 | 2023-12-29 | SQL Injection in Visual Console |
| CVE-2023-44089 | 2023-12-29 | XSS in Visual Console |
| CVE-2023-7078 | 2023-12-29 | Server-Side Request Forgery (SSRF) in Miniflare |
| CVE-2023-7079 | 2023-12-29 | Arbitrary remote file read in Wrangler dev server |
| CVE-2023-7080 | 2023-12-29 | Arbitrary remote code execution within wrangler dev Workers sandbox |
| CVE-2023-51402 | 2023-12-29 | WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-51378 | 2023-12-29 | WordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-51358 | 2023-12-29 | WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-51354 | 2023-12-29 | WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-50902 | 2023-12-29 | WordPress New User Approve Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-50878 | 2023-12-29 | WordPress MStore API Plugin <= 4.10.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-51676 | 2023-12-29 | WordPress Happy Addons for Elementor Plugin <= 3.9.1.1 is vulnerable to Server Side Request Forgery (SSRF) |
| CVE-2023-7113 | 2023-12-29 | Mattermost version 8.1.6 and earlier fails to sanitize channel mention... |
| CVE-2023-7114 | 2023-12-29 | Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths,... |
| CVE-2023-51545 | 2023-12-29 | WordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection |
| CVE-2023-51505 | 2023-12-29 | WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to PHP Object Injection |
| CVE-2023-51470 | 2023-12-29 | WordPress Rencontre – Dating Site Plugin <= 3.11.1 is vulnerable to PHP Object Injection |
| CVE-2023-51422 | 2023-12-29 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection |
| CVE-2023-51414 | 2023-12-29 | WordPress EnvíaloSimple Plugin <= 2.1 is vulnerable to PHP Object Injection |
| CVE-2023-51475 | 2023-12-29 | WordPress WP MLM Unilevel Plugin <= 4.0 is vulnerable to Arbitrary File Upload |
| CVE-2023-51473 | 2023-12-29 | WordPress TerraClassifieds Plugin <= 2.0.3 is vulnerable to Arbitrary File Upload |
| CVE-2023-51468 | 2023-12-29 | WordPress Rencontre – Dating Site Plugin <= 3.10.1 is vulnerable to Arbitrary File Upload |
| CVE-2023-51421 | 2023-12-29 | WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload |
| CVE-2023-51419 | 2023-12-29 | WordPress BERTHA AI Plugin <= 1.11.10.7 is vulnerable to Arbitrary File Upload |
| CVE-2023-51417 | 2023-12-29 | WordPress JVM rich text icons Plugin <= 1.2.3 is vulnerable to Arbitrary File Upload |
| CVE-2023-51412 | 2023-12-29 | WordPress Piotnet Forms Plugin <= 1.0.25 is vulnerable to Arbitrary File Upload |
| CVE-2023-51411 | 2023-12-29 | WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload |
| CVE-2023-51410 | 2023-12-29 | WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload |
| CVE-2023-51675 | 2023-12-29 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection |
| CVE-2023-47804 | 2023-12-29 | Apache OpenOffice: Macro URL arbitrary script execution |
| CVE-2023-4541 | 2023-12-29 | SQLi in Weens Admin Panel |
| CVE-2023-4674 | 2023-12-29 | SQLi in Yazteks E-Commerce Software |
| CVE-2023-4675 | 2023-12-29 | SQLi i GM Informatics MDO |
| CVE-2023-51517 | 2023-12-29 | WordPress Calculated Fields Form Plugin <= 1.2.28 is vulnerable to Open Redirection |
| CVE-2023-51687 | 2023-12-29 | WordPress Product Catalog Simple Plugin <= 1.7.6 is vulnerable to Sensitive Data Exposure |
| CVE-2023-51688 | 2023-12-29 | WordPress eCommerce Product Catalog Plugin <= 3.3.26 is vulnerable to Sensitive Data Exposure |
| CVE-2023-51527 | 2023-12-29 | WordPress GPT3 AI Content Writer Plugin <= 1.8.2 is vulnerable to Sensitive Data Exposure |
| CVE-2020-17163 | 2023-12-29 | Visual Studio Code Python Extension Remote Code Execution Vulnerability |