Security
Headlines
HeadlinesLatestCVEs

Source

CVE

CVE-2023-46555: Digging/TOTOLINK/X2000R/3/1.md at main · XYIYM/Digging

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw.

CVE
Open in Source
#vulnerability#web#git
CVE-2023-46564: Digging/TOTOLINK/X2000R/6/1.md at main · XYIYM/Digging

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.

CVE-2023-46554

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel.

CVE-2023-45750: WordPress Nexter Extension plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in POSIMYTH Nexter Extension plugin <= 2.0.3 versions.

CVE-2023-45747: WordPress WP Lightbox 2 plugin <= 3.0.6.5 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Syed Balkhi WP Lightbox 2 plugin <= 3.0.6.5 versions.

CVE-2023-45637: WordPress EventPrime plugin <= 3.1.5 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin <= 3.1.5 versions.

CVE-2023-45644: WordPress CPT Shortcode Generator plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin <= 1.0 versions.

CVE-2023-45646: WordPress PDF Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Henryholtgeerts PDF Block plugin <= 1.1.0 versions.

CVE-2023-45767: WordPress Simple Tweet plugin <= 1.4.0.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wokamoto Simple Tweet plugin <= 1.4.0.2 versions.

CVE-2023-45829: WordPress Newsletter & Bulk Email Sender plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in HappyBox Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress plugin <= 2.0.1 versions.