Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

23,073,997
Attacks Blocked in Past 24 Hours

Showing 6321-6340 of 6,652 Vulnerabilities

Floating Chat Widget - Chaty <= 3.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-3245
Jun 26, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
About Me 3000 widget <= 2.2.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-3369
Jun 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Customer Service Software & Support Ticket System <= 5.12.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE ID Unknown
Jun 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Extra User Details <= 0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-35878
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
wpView <= 1.3.0 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33213
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
PrePost SEO <= 3.0 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2029
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Call Now Accessibility Button <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2635
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Float menu <= 5.0.2 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-3225
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Image Protector <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2026
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Buy Me a Coffee – Button and Widget Plugin <= 3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2578
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress <= 1.6.5 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-3129
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
AN_GradeBook <= 5.0.1 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2709
Jun 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Seed Fonts 2.3.1 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-35779
Jun 16, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Flo Forms <= 1.0.40 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-35095
Jun 15, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
ARMember <= 4.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33323
Jun 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Booking and Rental Manager <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-35048
Jun 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Login Configurator <= 2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-34369
Jun 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Password Protected <= 2.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-32580
Jun 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
FiboSearch - AJAX Search for WooCommerce <= 1.23.0 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-2450
Jun 8, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
PowerPress <= 10.2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Feed[title]'
4.4
CVE ID Unknown
Jun 6, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Floating Chat Widget - Chaty <= 3.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-3245 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 26, 2023
About Me 3000 widget <= 2.2.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-3369 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 22, 2023
Customer Service Software & Support Ticket System <= 5.12.0 - Authenticated (Administrator+) Stored Cross-Site Scripting 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 22, 2023
Extra User Details <= 0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-35878 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
wpView <= 1.3.0 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-33213 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
PrePost SEO <= 3.0 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-2029 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
Call Now Accessibility Button <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2635 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
Float menu <= 5.0.2 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-3225 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
Image Protector <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2026 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
Buy Me a Coffee – Button and Widget Plugin <= 3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2578 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress <= 1.6.5 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-3129 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
AN_GradeBook <= 5.0.1 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-2709 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 19, 2023
Seed Fonts 2.3.1 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-35779 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 16, 2023
Flo Forms <= 1.0.40 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-35095 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 15, 2023
ARMember <= 4.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33323 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 13, 2023
Booking and Rental Manager <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-35048 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 13, 2023
Login Configurator <= 2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-34369 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 13, 2023
Password Protected <= 2.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-32580 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 13, 2023
FiboSearch - AJAX Search for WooCommerce <= 1.23.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-2450 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 8, 2023
PowerPress <= 10.2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Feed[title]' 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 6, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation