Security Vulnerabilities - CVEs Published In November 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooCommerce, Automattic WooCommerce Blocks allows Stored XSS.This issue affects WooCommerce: from n/a through 8.1.1; WooCommerce Blocks: from n/a through 11.1.1.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a through 6.2.2.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap Shortcodes Ultimate: from n/a through 4.3.1.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a through 1.7.1.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laurence/OhMyBox.Info Simple Long Form allows Stored XSS.This issue affects Simple Long Form: from n/a through 2.2.2.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Menard Simply Exclude allows Reflected XSS.This issue affects Simply Exclude: from n/a through 2.0.6.6.
CVSS Score
5.8
EPSS Score
0.002
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Payment Gateway: from n/a through 3.2.7.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-30
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-30
A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on
Sophos Email Appliance
older than version 4.5.3.4.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-11-30