• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-0706

February 23, 2023 by

The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed

CVE-2022-0710

February 23, 2023 by

The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter.

CVE-2022-0719

February 23, 2023 by

Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.3.

CVE-2022-0723

February 23, 2023 by

Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.11.

CVE-2022-0728

February 23, 2023 by

The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

CVE-2022-0734

February 23, 2023 by

A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user’s browser, such as cookies or session tokens, via a malicious script.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2151
  • Go to page 2152
  • Go to page 2153
  • Go to page 2154
  • Go to page 2155
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE