VulDB is a vulnerability database documenting more than 174000 vulnerabilities since 1970. The following list shows the latest vulnerabilities threats and exploits
- CVE-2023-0448 | WP Helper Premium Plugin up to 4.2.0 on WordPress cross site scripting
- CVE-2023-0419 | Shortcode for Font Awesome Plugin up to 1.4 on WordPress cross site scripting
- CVE-2023-0429 | Watu Quiz Plugin up to 3.3.8.2 on WordPress cross site scripting
- CVE-2022-4669 | Page Builder Live Composer Plugin up to 1.5.22 on WordPress Shortcode cross site scripting
- CVE-2023-0375 | Easy Affiliate Links Plugin up to 3.7.0 on WordPress Block Setting cross site scripting
- CVE-2023-0428 | Watu Quiz Plugin up to 3.3.8.1 on WordPress cross site scripting
- CVE-2023-0059 | Youzify Plugin up to 1.2.1 on WordPress Shortcode cross site scripting
- CVE-2023-0271 | WP Font Awesome up to 1.7.8 on WordPress Shortcode cross site scripting
- CVE-2023-23834 | Spectra Gutenberg Blocks Plugin up to 2.3.1 on WordPress Plugin Activation cross-site request forgery
- CVE-2022-31711 | VMware vRealize Log Insight information disclosure (VMSA-2023-0001)
- CVE-2022-31710 | VMware vRealize Log Insight deserialization (VMSA-2023-0001)
- CVE-2022-31704 | VMware vRealize Log Insight access control (VMSA-2023-0001)
- CVE-2022-31706 | VMware vRealize Log Insight path traversal (VMSA-2023-0001)
- CVE-2023-0474 | Google Chrome prior 109.0.5414.119 GuestView use after free
- CVE-2023-0473 | Google Chrome prior 109.0.5414.119 ServiceWorker API type confusion
- CVE-2023-0472 | Google Chrome prior 109.0.5414.119 WebRTC use after free
- CVE-2023-0471 | Google Chrome prior 109.0.5414.119 WebTransport use after free
- CVE-2023-0169 | Zoho Forms Plugin up to 3.0.0 on WordPress cross site scripting
- CVE-2023-24002 | YouTube Embed Plugin up to 2.6.3 on WordPress cross site scripting
- CVE-2023-0373 | Lightweight Accordion Plugin up to 1.5.14 on WordPress Shortcode cross site scripting
- CVE-2023-24004 | Image and Video Lightbox, Image Popup Plugin up to 2.1.5 on WordPress cross site scripting
- CVE-2023-0166 | PickPlugins Product Slider for WooCommerce Plugin up to 1.13.41 on WordPress cross site scripting
- CVE-2023-0261 | WP TripAdvisor Review Slider Plugin up to 10.7 on WordPress sql injection
- CVE-2023-0262 | WP Airbnb Review Slider Plugin up to 3.2 on WordPress sql injection
- CVE-2022-4385 | Intuitive Custom Post Order Plugin up to 3.1.3 on WordPress Setting authorization
- CVE-2023-22482 | argoproj argocd JWT Audience Claim Remote Code Execution (GHSA-q9hr-j4rf-8fjc)
- CVE-2022-4580 | Twenty20 Image Before-After Plugin up to 1.5.9 on WordPress Shortcode cross site scripting
- CVE-2022-21953 | Rancher access control
- CVE-2023-23977 | Social Comments Plugin up to 1.6.1 on WordPress Shortcode cross site scripting
- CVE-2022-43755 | Rancher cattle-token random values
- CVE-2022-43759 | Rancher PRTB access control
- CVE-2022-43758 | Rancher command injection
- CVE-2023-22736 | argoproj argocd Remote Code Execution
- CVE-2022-43757 | rancher wrangler API missing encryption
- CVE-2022-43756 | rancher wrangler Git Credentials denial of service
- CVE-2013-7490 | DBI Module up to 1.631 on Perl memory corruption
- CVE-2014-4982 | LPAR2RRD 3.5/4.53 command injection (ID 127593 / XFDB-94785)
- CVE-2015-2326 | PCRE up to 8.36 pcre_compile2 out-of-bounds
- CVE-2015-5361 | Juniper Junos OS FTPS inadequate encryption (JSA10706)
- CVE-2022-3806 | zephyrproject-rtos zephyr up to 3.2 Bluetooth HCI double free
- CVE-2023-0396 | zephyrproject-rtos zephyr up to 3.2 Bluetooth HCI buffer overflow
- CVE-2023-0067 | Timed Content Plugin up to 2.72 on WordPress Shortcode cross site scripting
- CVE-2023-23973 | Contact Us Page Plugin up to 3.7.0 on WordPress cross-site request forgery
- CVE-2023-23998 | VikRentCar Car Rental Management System Plugin up to 1.3.0 on WordPress cross site scripting
- CVE-2023-23899 | Extensions for CF7 Plugin up to 2.0.8 on WordPress cross-site request forgery
- CVE-2023-23981 | Conversational Forms for ChatBot Plugin up to 1.1.6 on WordPress cross site scripting
- CVE-2023-23971 | WP Time Slots Booking Form Plugin up to 1.1.81 on WordPress cross site scripting
- CVE-2022-47612 | Participants Database Plugin up to 2.4.5 on WordPress cross-site request forgery
- CVE-2023-23728 | WP Flipclock Plugin up to 1.7.4 on WordPress cross site scripting
- CVE-2023-23987 | User Registration Plugin up to 2.3.0 on WordPress cross site scripting
- CVE-2023-23982 | WPFrom Email Plugin up to 1.8.8 on WordPress cross site scripting
- CVE-2023-23984 | Bubble Menu Plugin up to 3.0.1 on WordPress cross-site request forgery
- CVE-2023-23975 | Quick Event Manager Plugin up to 9.7.4 on WordPress authorization
- CVE-2023-23985 | Quiz Maker Plugin up to 6.3.9.4 on WordPress unknown vulnerability
- CVE-2023-23895 | WP Time Slots Booking Form Plugin up to 1.1.82 on WordPress improper authorization
- CVE-2023-23988 | My Tickets Plugin up to 1.9.11 on WordPress authorization
- CVE-2022-4546 | Mapwiz Plugin up to 1.0.1 on WordPress sql injection
- CVE-2023-23978 | WP Client Reports Plugin up to 1.0.16 on WordPress authorization
- CVE-2023-23986 | Reviews and Rating Plugin up to 4.14 on WordPress authorization
- CVE-2022-25927 | ua-parser-js redos
- CVE-2023-23612 | OpenSearch prior 2.5.0 JWT Role privileges management (GHSA-864v-6qj7-62qj)
- CVE-2023-23613 | OpenSearch prior 2.5.0 keyword information disclosure (GHSA-v3cg-7r9h-r2g6)
- CVE-2023-0356 | SOCOMEC MODULYS GP Netvision 7.20 weak encoding for password (icsa-23-024-02)
- CVE-2022-47596 | Media Library Categories Plugin up to 1.9.9 on WordPress cross site scripting
- CVE-2023-23996 | ProfilePress Plugin up to 4.5.3 on WordPress cross site scripting
- CVE-2023-23980 | MailOptin Plugin up to 1.2.54.0 on WordPress cross site scripting
- CVE-2022-4512 | Better Font Awesome Plugin up to 2.0.3 on WordPress Shortcode cross site scripting
- CVE-2023-0080 | Customer Reviews for WooCommerce Plugin up to 5.15.0 on WordPress file inclusion
- CVE-2023-23896 | MyThemeShop URL Shortener up to 1.0.16 on WordPress authorization
- CVE-2023-23608 | spotipy prior 2.22.1 URI path traversal (GHSA-q764-g6fm-555v)
- CVE-2023-24057 | ca.uhn.hapi.fhir:org.hl7.fhir.core prior 5.6.92 ZIP Archive Privilege Escalation
- CVE-2022-4554 | ID Software B2B Customer Ordering System up to 1.0.0.346 cross site scripting
- CVE-2023-23508 | Apple macOS Windows Installer memory corruption (HT213605)
- CVE-2023-23501 | Apple macOS Wi-Fi memory corruption (HT213605)
- CVE-2023-23517 | Apple macOS WebKit memory corruption (HT213605)
- CVE-2023-23518 | Apple macOS WebKit memory corruption (HT213605)
- CVE-2023-23496 | Apple macOS WebKit Remote Code Execution (HT213605)
- CVE-2023-23511 | Apple macOS Weather memory corruption (HT213605)
- CVE-2022-3705 | Apple macOS Vim use after free (HT213605)
- CVE-2023-23505 | Apple macOS Screen Time information disclosure (HT213605)
- CVE-2023-23512 | Apple macOS Safari denial of service (HT213605)
- CVE-2023-23510 | Apple macOS Safari permission (HT213605)
- CVE-2023-23497 | Apple macOS PackageKit state issue (HT213605)
- CVE-2023-23503 | Apple macOS Maps state issue (HT213605)
- CVE-2023-23498 | Apple macOS Mail Drafts state issue (HT213605)
- CVE-2023-23506 | Apple macOS libxpc permission (HT213605)
- CVE-2023-23504 | Apple macOS Kernel memory corruption (HT213605)
- CVE-2023-23502 | Apple macOS Kernel information disclosure (HT213605)
- CVE-2023-23500 | Apple macOS Kernel memory corruption (HT213605)
- CVE-2023-23507 | Apple macOS Intel Graphics Driver memory corruption (HT213605)
- CVE-2023-23519 | Apple macOS ImageIO memory corruption (HT213605)
- CVE-2023-23493 | Apple macOS DiskArbitration state issue (HT213605)
- CVE-2023-23513 | Apple macOS dcerpc buffer overflow (HT213605)
- CVE-2022-35260 | Apple macOS curl Privilege Escalation (HT213605)
- CVE-2022-32221 | Apple macOS curl Privilege Escalation (HT213605)
- CVE-2022-42916 | Apple macOS curl Privilege Escalation (HT213605)
- CVE-2022-42915 | Apple macOS curl Privilege Escalation (HT213605)
- CVE-2023-23499 | Apple macOS AppleMobileFileIntegrity information disclosure (HT213605)