CVE List - 2023 / May
Showing 2101 - 2200 of 2420 CVEs for May 2023 (Page 22 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-32958 | 2023-05-28 | WordPress Novelist Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33315 | 2023-05-28 | WordPress Smart App Banner Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33931 | 2023-05-28 | WordPress YouTube Playlist Player Plugin <= 4.6.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33212 | 2023-05-28 | WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33314 | 2023-05-28 | WordPress BEAR Plugin <= 1.1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33309 | 2023-05-28 | WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33326 | 2023-05-28 | WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33328 | 2023-05-28 | WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33316 | 2023-05-28 | WordPress WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33319 | 2023-05-28 | WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33211 | 2023-05-28 | WordPress WP-Piwik Plugin <= 1.0.27 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33313 | 2023-05-28 | WordPress WIP Custom Login Plugin <= 1.2.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33311 | 2023-05-28 | WordPress Contact Form Entries Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32800 | 2023-05-28 | WordPress Rank Math SEO PRO Plugin <= 3.0.35 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28785 | 2023-05-28 | WordPress Yoast SEO: Local Plugin <= 14.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33332 | 2023-05-28 | WordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33926 | 2023-05-28 | WordPress Easy Google Maps Plugin <= 1.11.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-36345 | 2023-05-28 | WordPress Download Plugin Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2021-4336 | 2023-05-28 | ITRS Group monitor-ninja scheduled_reports.php sql injection |
| CVE-2019-19791 | 2023-05-29 | In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP... |
| CVE-2020-29547 | 2023-05-29 | An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers... |
| CVE-2021-27825 | 2023-05-29 | A directory traversal vulnerability on Mercury MAC1200R devices allows attackers... |
| CVE-2021-37845 | 2023-05-29 | An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle... |
| CVE-2022-24627 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-24628 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-24629 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-24630 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-24631 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-24632 | 2023-05-29 | An issue was discovered in AudioCodes Device Manager Express through... |
| CVE-2022-41766 | 2023-05-29 | An issue was discovered in MediaWiki before 1.35.8, 1.36.x and... |
| CVE-2023-24597 | 2023-05-29 | OX App Suite before frontend 7.10.6-rev24 allows the loading (without... |
| CVE-2023-24598 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 has an information leak... |
| CVE-2023-24599 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 allows authenticated users to... |
| CVE-2023-24600 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 allows authenticated users to... |
| CVE-2023-24601 | 2023-05-29 | OX App Suite before frontend 7.10.6-rev24 allows XSS via a... |
| CVE-2023-24602 | 2023-05-29 | OX App Suite before frontend 7.10.6-rev24 allows XSS via data... |
| CVE-2023-24603 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 does not check size... |
| CVE-2023-24604 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 does not check HTTP... |
| CVE-2023-24605 | 2023-05-29 | OX App Suite before backend 7.10.6-rev37 does not enforce 2FA... |
| CVE-2023-28153 | 2023-05-29 | An issue was discovered in the Kiddoware Kids Place Parental... |
| CVE-2023-2954 | 2023-05-29 | Cross-site Scripting (XSS) - Stored in liangliangyy/djangoblog |
| CVE-2023-30253 | 2023-05-29 | Dolibarr before 17.0.1 allows remote code execution by an authenticated... |
| CVE-2023-30571 | 2023-05-29 | Libarchive through 3.6.2 can cause directories to have world-writable permissions.... |
| CVE-2022-33974 | 2023-05-29 | WordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45372 | 2023-05-29 | WordPress Product Gallery Slider for WooCommerce Plugin <= 2.2.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2955 | 2023-05-29 | SourceCodester Students Online Internship Timesheet System GET Parameter rendered_report.php sql injection |
| CVE-2023-2808 | 2023-05-29 | Lack of URL normalization allows rendering previews for disallowed domains |
| CVE-2023-2962 | 2023-05-29 | SourceCodester Faculty Evaluation System sql injection |
| CVE-2023-23699 | 2023-05-29 | WordPress Progress Bar Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27613 | 2023-05-29 | WordPress Forms Ada Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32072 | 2023-05-29 | Tuleap vulnerable toXSS via the triggered job URL of a Jenkins job |
| CVE-2023-32687 | 2023-05-29 | Insufficiently Protected ChatBot Credentials in tgstation-server |
| CVE-2014-125102 | 2023-05-29 | Bestwebsoft Relevant Plugin Thumbnail information disclosure |
| CVE-2022-36243 | 2023-05-30 | Directory Traversal on Shop Beat Services |
| CVE-2022-36244 | 2023-05-30 | Multiple Stored Cross-Site Scripting Vulnerabilities on Shop Beat Services |
| CVE-2022-36246 | 2023-05-30 | Shop Beat Services Vulnerable To Insecure Permissions |
| CVE-2022-36247 | 2023-05-30 | Shop Beat Services Vulnerable To IDOR |
| CVE-2022-36249 | 2023-05-30 | Shop Beat Services Vulnerable To Bypass 2FA via APIs |
| CVE-2022-36250 | 2023-05-30 | Cross Site Request Forgery on Shop Beat Services |
| CVE-2022-39071 | 2023-05-30 | There is an unauthorized access vulnerability in some ZTE mobile... |
| CVE-2022-39074 | 2023-05-30 | There is an unauthorized access vulnerability in some ZTE mobile... |
| CVE-2022-39075 | 2023-05-30 | There is an unauthorized access vulnerability in some ZTE mobile... |
| CVE-2022-47028 | 2023-05-30 | An issue discovered in Action Launcher for Android v50.5 allows... |
| CVE-2022-47029 | 2023-05-30 | An issue was found in Action Launcher v50.5 allows an... |
| CVE-2022-47525 | 2023-05-30 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero... |
| CVE-2022-47526 | 2023-05-30 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path... |
| CVE-2023-23561 | 2023-05-30 | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control:... |
| CVE-2023-23956 | 2023-05-30 | A user can supply malicious HTML and JavaScript code that... |
| CVE-2023-27988 | 2023-05-30 | The post-authentication command injection vulnerability in the Zyxel NAS326 firmware... |
| CVE-2023-28344 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28345 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28346 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28347 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28348 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28349 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28350 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28351 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28352 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-28353 | 2023-05-30 | An issue was discovered in Faronics Insight 10.0.19045 on Windows.... |
| CVE-2023-2952 | 2023-05-30 | XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and... |
| CVE-2023-2953 | 2023-05-30 | A vulnerability was found in openldap. This security flaw causes... |
| CVE-2023-2972 | 2023-05-30 | Prototype Pollution in antfu/utils |
| CVE-2023-29726 | 2023-05-30 | The Call Blocker application 6.6.3 for Android incorrectly opens a... |
| CVE-2023-29727 | 2023-05-30 | The Call Blocker application 6.6.3 for Android allows unauthorized applications... |
| CVE-2023-29728 | 2023-05-30 | The Call Blocker application 6.6.3 for Android allows attackers to... |
| CVE-2023-29731 | 2023-05-30 | SoLive 1.6.14 thru 1.6.20 for Android has an exposed component... |
| CVE-2023-29732 | 2023-05-30 | SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the... |
| CVE-2023-29733 | 2023-05-30 | The Lock Master app 2.2.4 for Android allows unauthorized apps... |
| CVE-2023-29734 | 2023-05-30 | An issue found in edjing Mix v.7.09.01 for Android allows... |
| CVE-2023-29735 | 2023-05-30 | An issue found in edjing Mix v.7.09.01 for Android allows... |
| CVE-2023-29737 | 2023-05-30 | An issue found in Wave Animated Keyboard Emoji v.1.70.7 for... |
| CVE-2023-29738 | 2023-05-30 | An issue found in Wave Animated Keyboard Emoji v.1.70.7 for... |
| CVE-2023-29739 | 2023-05-30 | An issue found in Alarm Clock for Heavy Sleepers v.5.3.2... |
| CVE-2023-29740 | 2023-05-30 | An issue found in Alarm Clock for Heavy Sleepers v.5.3.2... |
| CVE-2023-29741 | 2023-05-30 | An issue found in BestWeather v.7.3.1 for Android allows unauthorized... |
| CVE-2023-29742 | 2023-05-30 | An issue found in BestWeather v.7.3.1 for Android allows unauthorized... |
| CVE-2023-29743 | 2023-05-30 | An issue found in BestWeather v.7.3.1 for Android allows unauthorized... |
| CVE-2023-29745 | 2023-05-30 | An issue found in BestWeather v.7.3.1 for Android allows unauthorized... |
| CVE-2023-2983 | 2023-05-30 | Privilege Defined With Unsafe Actions in pimcore/pimcore |
| CVE-2023-2984 | 2023-05-30 | Path Traversal: '\..\filename' in pimcore/pimcore |