Security Vulnerabilities - CVEs Published In March 2023
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Michael Aronoff Very Simple Google Maps plugin <= 2.8.4 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-23
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package
CVSS Score
7.5
EPSS Score
0.017
Published
2023-03-23
TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-23
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TemplatesNext TemplatesNext ToolKit plugin <= 3.2.7 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-23
Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 8.1.8 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-03-23
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce <= 3.8.6. versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-03-23
Auth. (admin+) Stored Cross-Site Scripting vulnerability in Yannick Lefebvre Community Events plugin <= 1.4.8 versions.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-03-23
Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Nextend Smart Slider 3 plugin <= 3.5.1.9 versions.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-03-23
Reflected Cross-Site Scripting (XSS) vulnerability in Tussendoor internet & marketing Open RDW kenteken voertuiginformatie plugin <= 2.0.14 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-03-23
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
CVSS Score
8.8
EPSS Score
0.008
Published
2023-03-23