CVE-2023-47185
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
Source: CVE-2023-47185
[카테고리:] CVE
CVE-2023-5831
CVE-2023-5831
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected versions with this default-disabled feature flag enabled may unintentionally disclose GitLab version metadata to unauthorized actors.
Source: CVE-2023-5831
CVE-2023-47184
CVE-2023-47184
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin <=Â 1.2.8 versions.
Source: CVE-2023-47184
CVE-2023-47177
CVE-2023-47177
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <=Â 1.2.1 versions.
Source: CVE-2023-47177
CVE-2023-47182
CVE-2023-47182
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <=Â 3.5.2 versions.
Source: CVE-2023-47182
CVE-2023-46783
CVE-2023-46783
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <=Â 1.2.13 versions.
Source: CVE-2023-46783
CVE-2023-46821
CVE-2023-46821
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Milan Petrovic GD Security Headers allows auth. (admin+) SQL Injection.This issue affects GD Security Headers: from n/a through 1.7.
Source: CVE-2023-46821
CVE-2023-46824
CVE-2023-46824
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <=Â 1.7.14 versions.
Source: CVE-2023-46824
CVE-2023-46822
CVE-2023-46822
Unauth. Reflected Cross-Site Scripting’) vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions.
Source: CVE-2023-46822
CVE-2023-46823
CVE-2023-46823
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.
Source: CVE-2023-46823