Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

32,833,240
Attacks Blocked in Past 24 Hours

Showing 4341-4360 of 6,138 Vulnerabilities

Zoho SalesIQ <= 1.0.8 - Cross-Site Scripting
6.1
CVE-2019-5962
May 31, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Zoho SalesIQ <= 1.0.8 - Stored Cross-Site Scripting
7.2
CVE-2019-15644
May 31, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
WP Statistics <= 12.6.5 - Stored Cross-Site Scripting
6.4
CVE-2019-12566
May 31, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
SAML Single Sign On – SAML SSO Login < 4.8.73 - Cross-Site Scripting
6.1
CVE-2019-12346
May 27, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Hostel <= 1.1.3 - Stored Cross-Site Scripting
7.2
CVE-2019-12345
May 25, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Event Management Tickets Booking By Event Monster Plugin < 1.0.6 - Cross-Site Scripting
7.2
CVE ID Unknown
May 23, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
WP Slimstat <= 4.8 - Unauthenticated Stored Cross-Site Scripting from Visitors
6.1
CVE-2019-15112
May 21, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
FV Flowplayer Video Player <= 7.3.13.727 - Unauthenticated Stored Cross-Site Scripting
6.1
CVE-2019-14799
May 20, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Live Chat with Messenger Customer Chat <= 1.4.6 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE ID Unknown
May 17, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Woocommerce Products Price Bulk Edit <= 2.0 - Cross-Site Scripting via show_products_page_limit parameter
5.4
CVE-2019-14796
May 17, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Toggle The Title <= 1.4 - Cross-Site Scripting
4.8
CVE-2019-14795
May 16, 2019
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
GiveWP <= 2.4.6 - Cross-Site Scripting
5.4
CVE-2019-15317
May 15, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Register IPs <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting
8.3
CVE ID Unknown
May 14, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Ultimate Member <= 2.0.45 - Low-Privileged Stored Cross-Site Scripting
6.4
CVE ID Unknown
May 13, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Ultimate Member <= 2.0.45 - Admin+ Stored Cross-Site Scripting
5.5
CVE ID Unknown
May 13, 2019
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Photo Gallery by 10Web <= 1.5.22 - Authenticated Cross-Site Scripting
5.4
CVE-2019-14797
May 13, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Ultimate Faqs <= 1.8.21 - Cross-Site Scripting
6.1
CVE-2019-15643
May 8, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Custom Field Suite <= 2.5.14 - Authenticated Cross-Site Scripting
5.4
CVE-2019-11871
May 8, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
W3 Total Cache plugin <= 0.9.7.3 - Reflected Cross-Site Scripting
6.1
CVE ID Unknown
May 7, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Travel Booking WordPress Theme < 2.7.8.4 - Cross-Site Scripting
6.4
CVE ID Unknown
May 5, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Zoho SalesIQ <= 1.0.8 - Cross-Site Scripting CVE-2019-5962 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 31, 2019
Zoho SalesIQ <= 1.0.8 - Stored Cross-Site Scripting CVE-2019-15644 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N May 31, 2019
WP Statistics <= 12.6.5 - Stored Cross-Site Scripting CVE-2019-12566 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 31, 2019
SAML Single Sign On – SAML SSO Login < 4.8.73 - Cross-Site Scripting CVE-2019-12346 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 27, 2019
Hostel <= 1.1.3 - Stored Cross-Site Scripting CVE-2019-12345 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N May 25, 2019
Event Management Tickets Booking By Event Monster Plugin < 1.0.6 - Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N May 23, 2019
WP Slimstat <= 4.8 - Unauthenticated Stored Cross-Site Scripting from Visitors CVE-2019-15112 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 21, 2019
FV Flowplayer Video Player <= 7.3.13.727 - Unauthenticated Stored Cross-Site Scripting CVE-2019-14799 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 20, 2019
Live Chat with Messenger Customer Chat <= 1.4.6 - Unauthenticated Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N May 17, 2019
Woocommerce Products Price Bulk Edit <= 2.0 - Cross-Site Scripting via show_products_page_limit parameter CVE-2019-14796 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N May 17, 2019
Toggle The Title <= 1.4 - Cross-Site Scripting CVE-2019-14795 4.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N May 16, 2019
GiveWP <= 2.4.6 - Cross-Site Scripting CVE-2019-15317 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N May 15, 2019
Register IPs <= 1.8.0 - Unauthenticated Stored Cross-Site Scripting 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L May 14, 2019
Ultimate Member <= 2.0.45 - Low-Privileged Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 13, 2019
Ultimate Member <= 2.0.45 - Admin+ Stored Cross-Site Scripting 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 13, 2019
Photo Gallery by 10Web <= 1.5.22 - Authenticated Cross-Site Scripting CVE-2019-14797 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N May 13, 2019
Ultimate Faqs <= 1.8.21 - Cross-Site Scripting CVE-2019-15643 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 8, 2019
Custom Field Suite <= 2.5.14 - Authenticated Cross-Site Scripting CVE-2019-11871 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N May 8, 2019
W3 Total Cache plugin <= 0.9.7.3 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 7, 2019
Travel Booking WordPress Theme < 2.7.8.4 - Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 5, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation