Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

33,784,007
Attacks Blocked in Past 24 Hours

Showing 6161-6180 of 6,219 Vulnerabilities

WP Booking System <= 2.0.18 - Authenticated (Admin+) Stored Cross Site Scripting
4.4
CVE-2023-24402
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP htpasswd <= 1.7 - Authenticated (Admin+) Stored Cross Site Scripting
4.4
CVE-2023-25064
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
EZP Coming Soon Page <= 1.0.7.3 - Authenticated (Admin+) Stored Cross Site Scripting
4.4
CVE-2023-24398
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
IP Vault – WP Firewall <= 2.0 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2022-47171
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Usersnap <= 4.16 - Authenticated (Admin+) Stored Cross Site Scripting
4.4
CVE-2022-47607
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
avalex – Automatisch sichere Rechtstexte <= 3.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-25059
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Pinpoint Booking System <= 2.9.9.2.8 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-25062
Feb 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Arigato Autoresponder and Newsletter <= 2.1.7.1 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-0543
Jan 31, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
AI Contact Us Form <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24386
Jan 30, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Email Capture <= 3.9.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-23723
Jan 30, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.48 - Authenticated (Admin+) Cross Site Scripting (XSS)
4.4
CVE-2022-47170
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration <= 1.62.0 - Authenticated (Admin+) Cross Site Scripting
4.4
CVE-2022-47173
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Quick Restaurant Menu <= 2.0.2 - Authenticated (Administrator+) Cross-Site Scripting
4.4
CVE-2023-0553
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
VikBooking Hotel Booking Engine & PMS <= 1.5.11 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24396
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Organization chart <= 1.4.4 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24387
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Simple Image Popup <= 1.3.6 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2022-47610
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
ChatBot <= 4.3.0 - Authenticated (Admin+) Cross-Site Scripting
4.4
CVE-2022-47613
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Namaste! LMS <= 2.5.9.1 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24383
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Advanced Social Pixel <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-24381
Jan 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Watu Quiz <= 3.3.8.2 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-0429
Jan 24, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
WP Booking System <= 2.0.18 - Authenticated (Admin+) Stored Cross Site Scripting CVE-2023-24402 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
WP htpasswd <= 1.7 - Authenticated (Admin+) Stored Cross Site Scripting CVE-2023-25064 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
EZP Coming Soon Page <= 1.0.7.3 - Authenticated (Admin+) Stored Cross Site Scripting CVE-2023-24398 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
IP Vault – WP Firewall <= 2.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-47171 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
Usersnap <= 4.16 - Authenticated (Admin+) Stored Cross Site Scripting CVE-2022-47607 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
avalex – Automatisch sichere Rechtstexte <= 3.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-25059 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
Pinpoint Booking System <= 2.9.9.2.8 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-25062 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N February 2, 2023
Arigato Autoresponder and Newsletter <= 2.1.7.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-0543 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 31, 2023
AI Contact Us Form <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24386 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 30, 2023
WP Email Capture <= 3.9.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-23723 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 30, 2023
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.48 - Authenticated (Admin+) Cross Site Scripting (XSS) CVE-2022-47170 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration <= 1.62.0 - Authenticated (Admin+) Cross Site Scripting CVE-2022-47173 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Quick Restaurant Menu <= 2.0.2 - Authenticated (Administrator+) Cross-Site Scripting CVE-2023-0553 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
VikBooking Hotel Booking Engine & PMS <= 1.5.11 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24396 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Organization chart <= 1.4.4 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24387 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Simple Image Popup <= 1.3.6 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-47610 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
ChatBot <= 4.3.0 - Authenticated (Admin+) Cross-Site Scripting CVE-2022-47613 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Namaste! LMS <= 2.5.9.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24383 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Advanced Social Pixel <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-24381 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
Watu Quiz <= 3.3.8.2 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-0429 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 24, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation