Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-46824
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <= 1.7.14 versions.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-11-06
CVE-2023-47177
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <= 1.2.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-11-06
CVE-2023-47182
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-06
CVE-2023-47184
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin <= 1.2.8 versions.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-11-06
CVE-2023-23702
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.7 versions.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-11-06
CVE-2023-46084
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-11-06
CVE-2023-46782
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-11-06
CVE-2023-38382
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-06
CVE-2023-40207
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RedNao Donations Made Easy – Smart Donations allows SQL Injection.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-06
CVE-2023-40609
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved