• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-0898

February 23, 2023 by

The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don’t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues

CVE-2022-0899

February 23, 2023 by

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting.

CVE-2022-0900

February 23, 2023 by

A Stored Cross-Site Scripting (XSS) vulnerability in DivvyDrive’s “aciklama” parameter could allow anyone to gain users’ session informations.

CVE-2022-0901

February 23, 2023 by

The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

CVE-2022-0906

February 23, 2023 by

Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.

CVE-2022-0911

February 23, 2023 by

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2140
  • Go to page 2141
  • Go to page 2142
  • Go to page 2143
  • Go to page 2144
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE