Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

23,034,136
Attacks Blocked in Past 24 Hours

Showing 6201-6220 of 6,652 Vulnerabilities

WWM Social Share On Image Hover <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44239
Sep 29, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Blocks <= 1.6.42 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44262
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Modern Events Calendar lite < 7.1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-4021
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Onclick Show Popup <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44228
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Tiny Carousel Horizontal Slider <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44229
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Simple Posts Ticker <= 1.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-4725
Sep 25, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-5121
Sep 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated Stored Cross-Site Scripting
4.4
CVE-2023-5120
Sep 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
EventON <= 2.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-4388
Sep 21, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.37.1 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-4423
Sep 20, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
File Manager Pro <= 1.8 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-4862
Sep 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Table of Contents Plus <= 2302 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE ID Unknown
Sep 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Bit Assist <= 1.1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-51371
Sep 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-4648
Sep 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Photospace Responsive <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-4271
Sep 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Wordpress File Upload <= 4.23.2 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-4811
Sep 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Jetpack CRM <= 5.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE ID Unknown
Sep 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41800
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Regpack <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41855
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Email posts to subscribers <= 6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41736
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
WWM Social Share On Image Hover <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44239 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 29, 2023
Blocks <= 1.6.42 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44262 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Modern Events Calendar lite < 7.1.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-4021 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Onclick Show Popup <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44228 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Tiny Carousel Horizontal Slider <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44229 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Simple Posts Ticker <= 1.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-4725 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 25, 2023
Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-5121 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 22, 2023
Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated Stored Cross-Site Scripting CVE-2023-5120 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 22, 2023
EventON <= 2.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-4388 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 21, 2023
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.37.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-4423 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 20, 2023
File Manager Pro <= 1.8 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-4862 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 19, 2023
Table of Contents Plus <= 2302 - Authenticated (Administrator+) Stored Cross-Site Scripting 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 19, 2023
Bit Assist <= 1.1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-51371 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 18, 2023
WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-4648 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 13, 2023
Photospace Responsive <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-4271 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 12, 2023
Wordpress File Upload <= 4.23.2 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-4811 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 12, 2023
Jetpack CRM <= 5.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 12, 2023
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41800 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Regpack <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41855 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Email posts to subscribers <= 6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41736 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation