191
|
4.8 |
MEDIUM
Network
|
omaksolutions
|
slick_popup
|
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <= 1.7.14 versions.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-46824
|
2024-10-30 04:35 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
192
|
6.1 |
MEDIUM
Network
|
visser
|
store_exporter_for_woocommerce
|
Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-46822
|
2024-10-30 04:35 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
193
|
5.4 |
MEDIUM
Network
|
brightplugins
|
pre-orders_for_woocommerce
|
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <= 1.2.13 versions.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-46783
|
2024-10-30 04:35 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
194
|
5.4 |
MEDIUM
Network
|
chrisyee
|
momentopress_for_momento360
|
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-46782
|
2024-10-30 04:35 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
195
|
5.5 |
MEDIUM
Local
|
nta
|
e-tax
|
e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arb…
Update
|
CWE-611
XXE
|
CVE-2023-46802
|
2024-10-30 04:35 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
196
|
5.4 |
MEDIUM
Network
|
sixapart
|
movable_type
|
Cross-site scripting vulnerability in Movable Type series allows a remote authenticated attacker to inject an arbitrary script. Affected products/versions are as follows: Movable Type 7 r.5405 and ea…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-45746
|
2024-10-30 04:35 |
2023-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
197
|
4.3 |
MEDIUM
Network
|
vmware
|
vcenter_server
|
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Update
|
NVD-CWE-noinfo
|
CVE-2023-34056
|
2024-10-30 04:35 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
198
|
3.3 |
LOW
Local
|
apple
|
iphone_os macos watchos ipados
|
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user…
Update
|
NVD-CWE-noinfo
|
CVE-2023-35990
|
2024-10-30 04:35 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
199
|
7.1 |
HIGH
Local
|
hcltech
|
dryice_mycloud
|
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
Update
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-23346
|
2024-10-30 04:35 |
2023-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
200
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the fil…
Update
|
NVD-CWE-noinfo
|
CVE-2023-35983
|
2024-10-30 04:35 |
2023-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|