Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Angry Yack Logo
Total 42233 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-23856 1 Sap 1 Business Objects Business Intelligence Platform 2024-11-21 N/A 4.3 MEDIUM
In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS attacks. On successful exploitation an attacker can cause a low impact on integrity of the application.
CVE-2023-23852 1 Sap 1 Solution Manager 2024-11-21 N/A 6.1 MEDIUM
SAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
CVE-2023-23833 1 Drop Shadow Boxes Project 1 Drop Shadow Boxes 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions.
CVE-2023-23832 1 Ultimate Wp Query Search Filter Project 1 Ultimate Wp Query Search Filter 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in TC Ultimate WP Query Search Filter plugin <= 1.0.10 versions.
CVE-2023-23831 1 Rating-widget 1 Ratingwidget 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <= 3.1.9 versions.
CVE-2023-23830 1 Properfraction 1 Profilepress 2024-11-21 N/A 7.1 HIGH
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.
CVE-2023-23829 1 Pierre-jehan 1 Owl Carousel 2024-11-21 N/A 6.5 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pierre JEHAN Owl Carousel plugin <= 0.5.3 versions.
CVE-2023-23828 1 Swas 1 Wp Category Post List 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Swashata WP Category Post List Widget plugin <= 2.0.3 versions.
CVE-2023-23827 1 Google Maps V3 Shortcode Project 1 Google Maps V3 Shortcode 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Google Maps v3 Shortcode plugin <= 1.2.1 versions.
CVE-2023-23826 1 Webmechanix 1 Add Posts To Pages 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions.
CVE-2023-23822 1 Utm Tracker Project 1 Utm Tracker 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludwig Media UTM Tracker plugin <= 1.3.1 versions.
CVE-2023-23821 1 Interactive Polish Map Project 1 Interactive Polish Map 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcin Pietrzak Interactive Polish Map plugin <= 1.2 versions.
CVE-2023-23820 1 Properfraction 1 Profilepress 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.
CVE-2023-23819 1 Itemprop Wp For Serp\/seo Rich Snippets Project 1 Itemprop Wp For Serp\/seo Rich Snippets 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rolands Umbrovskis itemprop WP for SERP/SEO Rich snippets plugin <= 3.5.201706131 versions.
CVE-2023-23818 1 Aviplugins 1 Wp Register Profile With Shortcode 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin <= 3.5.7 versions.
CVE-2023-23817 1 Simple Pdf Viewer Project 1 Simple Pdf Viewer 2024-11-21 N/A 6.5 MEDIUM
Auth. (contrinbutor+) Cross-Site Scripting (XSS) vulnerability in WebArea | Vera Nedvyzhenko Simple PDF Viewer plugin <= 1.9 versions.
CVE-2023-23816 1 Sitemap Index Project 1 Sitemap Index 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Twardes Sitemap Index plugin <= 1.2.3 versions.
CVE-2023-23815 1 Multi-column Tag Map Project 1 Multi-column Tag Map 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Jackson Multi-column Tag Map plugin <= 17.0.24 versions.
CVE-2023-23812 1 Enhanced Wp Contact Form Project 1 Enhanced Wp Contact Form 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions.
CVE-2023-23811 1 Smoothscroller Project 1 Smoothscroller 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Neil Gee Smoothscroller plugin <= 1.0.0 versions.
CVE-2023-23810 1 Snaborbital 1 Panorama 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin <= 1.5 versions.
CVE-2023-23809 1 Finviz 1 Stock Market Charts From Finviz 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Moris Dov Stock market charts from finviz plugin <= 1.0.1 versions.
CVE-2023-23808 1 Sponsors Carousel Project 1 Sponsors Carousel 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sergey Panasenko Sponsors Carousel plugin <= 4.02 versions.
CVE-2023-23807 1 Qumos 1 Mojoplug Slide Panel 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Qumos MojoPlug Slide Panel plugin <= 1.1.2 versions.
CVE-2023-23806 1 Wordpress Custom Settings Project 1 Wordpress Custom Settings 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davinder Singh Custom Settings plugin <= 1.0 versions.
CVE-2023-23799 1 Easy Panorama Project 1 Easy Panorama 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Leonardo Giacone Easy Panorama plugin <= 1.1.4 versions.
CVE-2023-23798 1 Web-settler 1 Layer Slider 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.
CVE-2023-23794 1 Semalt Blocker Project 1 Semalt Blocker 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions.
CVE-2023-23793 1 8web 1 Read More Without Refresh 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eightweb Interactive Read More Without Refresh plugin <= 3.1 versions.
CVE-2023-23789 1 Premmerce 1 Premmerce Redirect Manager 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.
CVE-2023-23788 1 Custom More Link Complete Project 1 Custom More Link Complete 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Florin Arjocu Custom More Link Complete plugin <= 1.4.1 versions.
CVE-2023-23786 1 Servit 1 Affiliate-toolkit 2024-11-21 N/A 5.9 MEDIUM
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Christof Servit affiliate-toolkit plugin <= 3.3.3 versions.
CVE-2023-23785 1 Exquisite Paypal Donation Project 1 Exquisite Paypal Donation 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCult Exquisite PayPal Donation plugin <= v2.0.0 versions.
CVE-2023-23756 1 Advcomsys 1 Onevote\! 2024-11-21 N/A 6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.
CVE-2023-23734 1 Userlike 1 Userlike 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions.
CVE-2023-23733 1 Lazy Social Comments Project 1 Lazy Social Comments 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.
CVE-2023-23732 1 Disqus Conditional Load Project 1 Disqus Conditional Load 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions.
CVE-2023-23728 1 Winwar 1 Wp Flipclock 2024-11-21 N/A 6.5 MEDIUM
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Flipclock plugin <= 1.7.4 versions.
CVE-2023-23727 1 Formilla 1 Live Chat 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin <= 1.3 versions.
CVE-2023-23723 1 Winwar 1 Wp Email Capture 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.