Security Vulnerabilities - CVEs Published In May 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical scroll recent post plugin <= 14.0 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-09
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Gwyer WP Content Filter plugin <= 3.0.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in USB Memory Direct Simple Custom Author Profiles plugin <= 1.0.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-09
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-09
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eightweb Interactive Read More Without Refresh plugin <= 3.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS Score
7.1
EPSS Score
0.003
Published
2023-05-09