Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-47835
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-23
CVE-2023-47839
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.26 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-23
CVE-2023-40002
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pluggabl LLC Booster for WooCommerce plugin <= 7.1.1 versions.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-11-23
CVE-2023-47668
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions.
CVSS Score
5.3
EPSS Score
0.055
Published
2023-11-23
CVE-2023-47790
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin <= 2.4.8 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-11-23
CVE-2023-47833
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress plugin <= 0.18.3 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-23
CVE-2023-47834
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master plugin <= 8.1.13 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-23
CVE-2023-23978
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SwitchWP WP Client Reports plugin <= 1.0.16 versions.
CVSS Score
4.3
EPSS Score
0.003
Published
2023-11-23
CVE-2023-30581
The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js
CVSS Score
7.5
EPSS Score
0.0
Published
2023-11-23
CVE-2023-47821
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jannis Thuemmig Email Encoder plugin <= 2.1.8 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-11-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved