🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

33,800,341

Attacks Blocked in Past 24 Hours

Showing 6101-6120 of 6,218 Vulnerabilities

WP Repost <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scritping

4.4

CVE-2023-26534

Feb 28, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Advanced Text Widget <= 2.1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26539

Feb 28, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Simple File List <= 6.0.9 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-1025

Feb 28, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

WP No External Links <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scritping

4.4

CVE-2023-26537

Feb 28, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Dashboard Widgets Suite <= 3.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26517

Feb 27, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Publish to Schedule <= 4.5.4 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26519

Feb 27, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

We’re Open! <= 1.46 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-25964

Feb 27, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Simple Slug Translate <= 2.7.2 - Authenticated (Administrator+) Stored Cross-Site Scritping

4.4

CVE-2023-26515

Feb 27, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

All in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-0585

Feb 24, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Chat Bee <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26538

Feb 24, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Custom Login Page <= 2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26012

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Simple Portfolio Gallery <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26016

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

CPT – Speakers <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-25977

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

CM Answers <= 3.1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-25992

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

TypeSquare Webfonts for ConoHa <= 2.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-25458

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

WPMobile.App — Android and iOS Mobile Application <= 11.18 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-26010

Feb 23, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Accordions <= 2.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Several Parameters

4.4

CVE-2023-25962

Feb 22, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Calculated Fields Form <= 1.1.150 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-0389

Feb 22, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

4.4

CVE-2023-26008

Feb 22, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Старт <= 3.7 - Authenticated (Administrator+) Stored Cross-Site Scripting

4.4

CVE-2023-25972

Feb 21, 2023

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WP Repost <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scritping	CVE-2023-26534	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 28, 2023
Advanced Text Widget <= 2.1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26539	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 28, 2023
Simple File List <= 6.0.9 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-1025	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 28, 2023
WP No External Links <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scritping	CVE-2023-26537	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 28, 2023
Dashboard Widgets Suite <= 3.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26517	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 27, 2023
Publish to Schedule <= 4.5.4 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26519	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 27, 2023
We’re Open! <= 1.46 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-25964	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 27, 2023
Simple Slug Translate <= 2.7.2 - Authenticated (Administrator+) Stored Cross-Site Scritping	CVE-2023-26515	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 27, 2023
All in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-0585	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 24, 2023
Chat Bee <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26538	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 24, 2023
Custom Login Page <= 2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26012	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
Simple Portfolio Gallery <= 0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26016	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
CPT – Speakers <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-25977	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
CM Answers <= 3.1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-25992	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
TypeSquare Webfonts for ConoHa <= 2.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-25458	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
WPMobile.App — Android and iOS Mobile Application <= 11.18 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-26010	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
Accordions <= 2.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Several Parameters	CVE-2023-25962	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 22, 2023
Calculated Fields Form <= 1.1.150 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-0389	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 22, 2023
Top 10 – Popular posts plugin - <= 3.2.4 - Authenticated(Admin+) Stored Cross-Site Scripting	CVE-2023-26008	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 22, 2023
Старт <= 3.7 - Authenticated (Administrator+) Stored Cross-Site Scripting	CVE-2023-25972	4.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N	February 21, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation