• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-0275
Easy Accept Payments For Paypal, Tipsandtricks-hq
Accept_stripe, All_in_one_wp_security_&_firewall, Category_specific_rss_feed_subscription, Compact_wp_audio_player, Donations_via_paypal, Easy_accept_payments_for_paypal, Far_future_expiry_header, Simple_download_monitor, Software_license_manager, Wordpress_simple_paypal_shopping_cart
2023-02-15
N/A
5.4 MEDIUM
The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2023-0271
Wp Font Awesome Project
Wp_font_awesome
2023-02-21
N/A
N/A
The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2023-0270
Yamaps Project
Yamaps
2023-02-15
N/A
5.4 MEDIUM
The YaMaps for WordPress Plugin WordPress plugin before 0.6.26 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2023-0269
2023-01-17
N/A
N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.
CVE-2023-0266
Linux
Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf
2023-02-06
N/A
7.8 HIGH
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
CVE-2023-0263
Ljapps, Wp Yelp Review Slider
Wp_airbnb_review_slider, Wp_google_review_slider, Wp_review_slider, Wp_tripadvisor_review_slider, Wp_yelp_review_slider
2023-02-15
N/A
8.8 HIGH
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
CVE-2023-0262
Ljapps, Wp Airbnb Review Slider
Wp_airbnb_review_slider, Wp_google_review_slider, Wp_review_slider, Wp_tripadvisor_review_slider, Wp_yelp_review_slider
2023-02-15
N/A
8.8 HIGH
The WP Airbnb Review Slider WordPress plugin before 3.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
CVE-2023-0261
Ljapps, Wp Tripadvisor Review Slider
Wp_airbnb_review_slider, Wp_google_review_slider, Wp_review_slider, Wp_tripadvisor_review_slider, Wp_yelp_review_slider
2023-02-15
N/A
8.8 HIGH
The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
CVE-2023-0260
Ljapps, Wp Review Slider
Wp_airbnb_review_slider, Wp_google_review_slider, Wp_review_slider, Wp_tripadvisor_review_slider, Wp_yelp_review_slider
2023-02-15
N/A
8.8 HIGH
The WP Review Slider WordPress plugin before 12.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
CVE-2023-0259
Ljapps, Wp Google Review Slider
Wp_airbnb_review_slider, Wp_google_review_slider, Wp_review_slider, Wp_tripadvisor_review_slider, Wp_yelp_review_slider
2023-02-15
N/A
8.8 HIGH
The WP Google Review Slider WordPress plugin before 11.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
« Previous 1 … 11,239 11,240 11,241 11,242 11,243 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE