CVEs from 2023
Total
6,442
critical
critical 221
high
high 1,481
medium
medium 1,383
low
low 30
% Critical
3.4%
% with KEV
2.5%
% with exploit
3.3%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-34019 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit for LearnDa… | |||
| CVE-2023-33994 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/… | |||
| CVE-2023-33324 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in wppal Easy Captcha allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Captcha: from n/a through 1.0. | |||
| CVE-2023-32506 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.… | |||
| CVE-2023-50884 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA… | |||
| CVE-2023-49857 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from … | |||
| CVE-2023-49848 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Marc dooder Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy woo-aliexpress-dropshipping allows Exploiting Incorrectly Configured Access Control Se… | |||
| CVE-2023-49167 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in code4life Database for CF7 database-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Database for CF7: from n/… | |||
| CVE-2023-48779 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in 3DWeb 360 Javascript Viewer 360deg-javascript-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 360 Javascript V… | |||
| CVE-2023-48274 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Mondial Relay WooCommerce - WCMultiShipping WCMultiShipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCMultiSh… | |||
| CVE-2023-47764 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in metaphorcreations Ditty ditty-news-ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ditty: from n/a through <= … | |||
| CVE-2023-32299 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Sales Report ni-woocommerce-sales-report allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects N… | |||
| CVE-2023-30870 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect… | |||
| CVE-2023-28689 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0. | |||
| CVE-2023-26522 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in OneWebsite WP Repost allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Repost: from n/a through 0.1. | |||
| CVE-2023-25966 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 5.1.4. | |||
| CVE-2023-25454 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Butto… | |||
| CVE-2023-25035 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8… | |||
| CVE-2023-28746 | medium | 6.5 | 6.5 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2023-46197 | medium | 6.5 | 6.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: … | |||
| CVE-2023-41651 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26. | |||
| CVE-2023-6129 | medium | 6.5 | 6.5 | 2y ago | Low: openssl and openssl-fips-provider security update | |||
| CVE-2023-3019 | medium | 6.5 | 6.5 | 2y ago | RHSA-2024:0135: virt:rhel and virt-devel:rhel security update (Moderate) | |||
| CVE-2023-6710 | medium | — | 6.5 | 2y ago | Moderate: mod_jk and mod_proxy_cluster security update | |||
| CVE-2023-23989 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2. | |||
| CVE-2023-49768 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembl… | |||
| CVE-2023-52234 | medium | 6.5 | 6.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2. | |||
| CVE-2023-52231 | medium | 6.5 | 6.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. | |||
| CVE-2023-36679 | medium | 6.5 | 6.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6. | |||
| CVE-2023-52228 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: fr… | |||
| CVE-2023-7251 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr User Submitted Posts allows Stored XSS.This issue affects User Submitted Posts: from n… | |||
| CVE-2023-49837 | medium | 6.5 | 6.5 | 2y ago | Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects Code Embed: from n/a through 2.3.6. | |||
| CVE-2023-52229 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0. | |||
| CVE-2023-46218 | medium | 6.5 | 6.5 | 2y ago | RHSA-2024:1601: curl security and bug fix update (Moderate) | |||
| CVE-2023-51385 | medium | 6.5 | 6.5 | 2y ago | RHSA-2024:0606: openssh security update (Moderate) | |||
| CVE-2023-51681 | medium | 6.5 | 6.5 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.… | |||
| CVE-2023-24416 | medium | 6.5 | 6.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7. | |||
| CVE-2023-51678 | medium | 6.5 | 6.5 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33. | |||
| CVE-2023-51676 | medium | 6.5 | 6.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1. | |||
| CVE-2023-49765 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1. | |||
| CVE-2023-47191 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress.This issue affects Youzify –… | |||
| CVE-2023-32799 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. | |||
| CVE-2023-31231 | medium | 6.5 | 6.5 | 3y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elemen… | |||
| CVE-2023-30872 | medium | 6.5 | 6.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2. | |||
| CVE-2023-46311 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | |||
| CVE-2023-41796 | medium | 6.5 | 6.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Gallerie… | |||
| CVE-2023-25715 | medium | 6.5 | 6.5 | 3y ago | Missing Authorization vulnerability in GamiPress GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress.This issue affects GamiPress – The #1 gamification … | |||
| CVE-2023-47558 | medium | 6.5 | 6.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mahlamusa Who Hit The Page – Hit Counter allows SQL Injection.This issue affects Who Hit The Page… | |||
| CVE-2023-37868 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0. | |||
| CVE-2023-26533 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1. | |||
| CVE-2023-48333 | medium | 6.5 | 6.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce.This issue affects Booster for WooCommerce: from n/a through 7.1.1. | |||
| CVE-2023-41239 | medium | 6.5 | 6.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6. | |||
| CVE-2023-23800 | medium | 6.5 | 6.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6. | |||
| CVE-2023-23684 | medium | 6.5 | 6.5 | 3y ago | WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF) | |||
| CVE-2023-4527 | medium | 6.5 | 6.5 | 3y ago | RHSA-2023:5455: glibc security update (Important) | |||
| CVE-2023-36897 | medium | 6.5 | 6.5 | 3y ago | Visual Studio Tools for Office Runtime Spoofing Vulnerability | |||
| CVE-2023-33151 | medium | 6.5 | 6.5 | 3y ago | Microsoft Outlook Spoofing Vulnerability | |||
| CVE-2023-25136 | medium | 6.5 | 6.5 | 3y ago | OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote a… | |||
| CVE-2023-29237 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n… | |||
| CVE-2023-27449 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6. | |||
| CVE-2023-31234 | medium | 6.3 | 6.3 | 2y ago | Missing Authorization vulnerability in Tilda Publishing.This issue affects Tilda Publishing: from n/a through 0.3.23. | |||
| CVE-2023-42345 | medium | 6.1 | 6.1 | 23d ago | Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp | |||
| CVE-2023-42343 | medium | 6.1 | 6.1 | 23d ago | Alkacon OpenCms is vulnerable to XSS via cmis-online/type | |||
| CVE-2023-54349 | medium | 6.1 | 6.1 | 25d ago | AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Att… | |||
| CVE-2023-53900 | medium | 6.1 | 6.1 | 6mo ago | Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo … | |||
| CVE-2023-40000 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from… | |||
| CVE-2023-6047 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS. This issue affects E-commerce Software: befo… | |||
| CVE-2023-34020 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. | |||
| CVE-2023-33322 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n… | |||
| CVE-2023-50905 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through … | |||
| CVE-2023-51533 | medium | 6.1 | 6.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a through 6.12.4. | |||
| CVE-2023-51488 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue af… | |||
| CVE-2023-6673 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS. This issue affects CyberMa… | |||
| CVE-2023-51509 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Log… | |||
| CVE-2023-51540 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kunal Nagar Custom 404 Pro allows Stored XSS.This issue affects Custom 404 Pro: from n/a through … | |||
| CVE-2023-7153 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Macroturk Software and Internet Technologies Macro-Bel allows Reflected XSS. This issue affects … | |||
| CVE-2023-52196 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel:… | |||
| CVE-2023-52213 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.… | |||
| CVE-2023-50893 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue af… | |||
| CVE-2023-50892 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.Th… | |||
| CVE-2023-51373 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Googl… | |||
| CVE-2023-50901 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega… | |||
| CVE-2023-32517 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin … | |||
| CVE-2023-32101 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pexle Chris Library Viewer.This issue affects Library Viewer: from n/a through 2.0.6. | |||
| CVE-2023-31237 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.9. | |||
| CVE-2023-31229 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Directory Kit.This issue affects WP Directory Kit: from n/a through 1.1.9. | |||
| CVE-2023-31095 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot a… | |||
| CVE-2023-28786 | medium | 6.1 | 6.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SolidWP Solid Security – Password, Two Factor Authentication, and Brute Force Protection.This issue affects Solid Security – Passw… | |||
| CVE-2023-51501 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Un… | |||
| CVE-2023-4672 | medium | 6.1 | 6.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255. | |||
| CVE-2023-6122 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in İstanbul Soft Informatics and Consultancy Limited Company Softomi Gelişmiş C2C Pazaryeri Yazılımı… | |||
| CVE-2023-5989 | medium | 6.1 | 6.1 | 3y ago | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies' LioXERP allows an authenticated user to execute … | |||
| CVE-2023-5988 | medium | 6.1 | 6.1 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Reflected XSS. This issue affects Li… | |||
| CVE-2023-46624 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.This issue affects Parcel Pro: from n/a through 1.6.11. | |||
| CVE-2023-37982 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesf… | |||
| CVE-2023-35883 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12. | |||
| CVE-2023-45105 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin.This issue affects affiliate-toolkit – WordPress Affiliat… | |||
| CVE-2023-41648 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3. | |||
| CVE-2023-40602 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49. | |||
| CVE-2023-38481 | medium | 6.1 | 6.1 | 3y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerc… |