Security Vulnerabilities - CVEs Published In August 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-14
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-14
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-14
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-14
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-14
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-14
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-14
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-14
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-08-14
An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-08-14