CVEDB API

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In May 2023

CVE-2023-23785

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCult Exquisite PayPal Donation plugin <= v2.0.0 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-05-03

CVE-2023-23808

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sergey Panasenko Sponsors Carousel plugin <= 4.02 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-05-03

CVE-2023-23876

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TMS-Plugins wpDataTables plugin <= 2.1.49 versions.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-05-03

CVE-2023-25979

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Video Gallery by Total-Soft Video Gallery plugin <= 1.7.6 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-05-03

CVE-2023-23874

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Metaphor Creations Ditty plugin <= 3.0.32 versions.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-05-03

CVE-2023-22683

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themis Solutions, Inc. Clio Grow plugin <= 1.0.0 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-05-03

CVE-2023-23820

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-05-03

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3.

CVSS Score

7.1

EPSS Score

0.0

Published

2023-05-03

CVE-2023-23708

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 versions.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-05-03

CVE-2023-1384

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.

CVSS Score

4.3

EPSS Score

0.001

Published

2023-05-03

Prev Next

Page 228

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In May 2023

Products

Pricing

Contact Us