• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-40190

February 23, 2023 by godfreyd94

SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.

CVE-2022-40191

February 23, 2023 by godfreyd94

Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Ali Khallad’s Contact Form By Mega Forms plugin <= 1.2.4 at WordPress.

CVE-2022-40193

February 23, 2023 by godfreyd94

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.

CVE-2022-40195

February 23, 2023 by godfreyd94

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PCA Predict plugin <= 1.0.3 at WordPress.

CVE-2022-40204

February 23, 2023 by godfreyd94

A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.

CVE-2022-4010

February 23, 2023 by godfreyd94

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1823
  • Go to page 1824
  • Go to page 1825
  • Go to page 1826
  • Go to page 1827
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE