Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

23,232,929
Attacks Blocked in Past 24 Hours

Showing 6361-6380 of 6,652 Vulnerabilities

WordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2767
May 23, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Easy Admin Menu <= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33929
May 23, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
AI ChatBot <= 4.5.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2742
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP-Piwik <= 1.0.27 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Display Name
4.4
CVE-2023-33211
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Novelist <= 1.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Book Information Fields
4.4
CVE-2023-32958
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
MailChimp Subscribe Forms <= 4.0.9.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33328
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
QuBotChat <= 1.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2401
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Custom Post Type Generator <= 2.4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings
4.4
CVE-2023-33329
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
AI ChatBot <= 4.6.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-3175
May 22, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Ultimate Dashboard <= 3.7.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings
4.4
CVE-2023-2812
May 21, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WooDiscuz – WooCommerce Comments <= 2.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33216
May 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable <= 1.6.82 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-2580
May 19, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Cookie Monster <= 1.51 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33208
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP htaccess Control <= 3.5.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-25462
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
nuajik CDN <= 0.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-33210
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WeSecur Security <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-24390
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WishSuite <= 1.3.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-32962
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Scripts n Styles <= 3.5.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-31236
May 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
PixelYourSite <= 9.3.6 and PixelYourSite Pro <= 9.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-2584
May 16, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Chaty <= 3.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE ID Unknown
May 16, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
WordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2767 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 23, 2023
Easy Admin Menu <= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33929 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 23, 2023
AI ChatBot <= 4.5.4 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2742 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
WP-Piwik <= 1.0.27 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Display Name CVE-2023-33211 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
Novelist <= 1.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Book Information Fields CVE-2023-32958 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
MailChimp Subscribe Forms <= 4.0.9.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33328 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
QuBotChat <= 1.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2023-2401 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
Custom Post Type Generator <= 2.4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings CVE-2023-33329 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
AI ChatBot <= 4.6.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-3175 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 22, 2023
Ultimate Dashboard <= 3.7.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings CVE-2023-2812 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 21, 2023
WooDiscuz – WooCommerce Comments <= 2.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33216 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 19, 2023
AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable <= 1.6.82 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-2580 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 19, 2023
Cookie Monster <= 1.51 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33208 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
WP htaccess Control <= 3.5.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-25462 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
nuajik CDN <= 0.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-33210 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
WeSecur Security <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-24390 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
WishSuite <= 1.3.4 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-32962 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
Scripts n Styles <= 3.5.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-31236 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 18, 2023
PixelYourSite <= 9.3.6 and PixelYourSite Pro <= 9.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-2584 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 16, 2023
Chaty <= 3.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N May 16, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation