Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2023
CVE-2023-23718
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Esstat17 Page Loading Effects plugin <= 2.0.0 versions.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-03-20
CVE-2023-23721
Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin Log plugin <= 1.50 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-20
CVE-2022-47592
Reflected Cross-Site Scripting (XSS) vulnerability in Dmytriy.Cooperman MagicForm plugin <= 0.1 versions.
CVSS Score
7.1
EPSS Score
0.003
Published
2023-03-20
CVE-2023-22681
Cross-Site Request Forgery (CSRF) vulnerability in Aarvanshinfotech Online Exam Software: eExamhall plugin <= 4.0 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-20
CVE-2023-24381
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions.
CVSS Score
5.9
EPSS Score
0.003
Published
2023-03-20
CVE-2023-25064
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matteo Candura WP htpasswd plugin <= 1.7 versions.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-03-20
CVE-2023-25794
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mighty Digital Nooz plugin <= 1.6.0 versions.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-03-20
CVE-2023-25795
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in WP-master.Ir Feed Changer & Remover plugin <= 0.2 versions.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-03-20
CVE-2023-1506
A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-223410 is the identifier assigned to this vulnerability.
CVSS Score
5.6
EPSS Score
0.002
Published
2023-03-20
CVE-2023-1507
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223411.
CVSS Score
3.5
EPSS Score
0.002
Published
2023-03-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved