Wordfence Intelligence   >   Search Results

Showing 21-40 of 453 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
AI Contact Us Form <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24386
Jan 30, 2023
Researcher: Aswin Balaji
GS Portfolio for Envato <= 1.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0559
Jan 30, 2023
Researcher: István Márton
GS Filterable Portfolio <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0540
Jan 30, 2023
Researcher: István Márton
WooLentor <= 2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0231
Jan 28, 2023
Researcher: István Márton
WooLentor <= 2.5.3 - PHP Object Injection
9.8
CVE-2023-0232
Jan 28, 2023
Researcher: WPScanTeam
Material Design Icons for Page Builders <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-24374
Jan 27, 2023
Researcher: Rafshanzani Suhada
Glossary <= 2.1.27 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-24378
Jan 27, 2023
Researcher: Rafshanzani Suhada
ContentStudio <= 1.2.5 - Authorization Bypass
8.2
CVE-2023-0558
Jan 27, 2023
Researcher: Chloe Chamberland
Quick Restaurant Menu <= 2.0.2 - Cross-Site Request Forgery
8.1
CVE-2023-0554
Jan 27, 2023
Researcher: Marco Wotschka
BNE Testimonials <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-24411
Jan 27, 2023
Researcher: Rafshanzani Suhada
JS Help Desk <= 2.7.1 - Cross-Site Request Forgery
5.4
CVE-2022-46842
Jan 27, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
Quick Restaurant Menu <= 2.0.2 - Authenticated (Administrator+) Cross-Site Scripting
4.4
CVE-2023-0553
Jan 27, 2023
Researchers: Marco Wotschka, Ivan Kuzymchak
Organization chart <= 1.4.4 - Cross-Site Request Forgery
4.3
CVE-2023-24384
Jan 27, 2023
Researcher: yuyudhn
Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0378
Jan 27, 2023
Researcher: István Márton
Blocksy Companion <= 1.8.67 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-23898
Jan 27, 2023
Researcher: Rafshanzani Suhada
Site Reviews <= 6.2.0 - Unauthenticated CSV Injection
6.5
CVE-2022-46801
Jan 27, 2023
Researcher: Mika
Booking calendar, Appointment Booking System <= 3.2.3 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2022-47438
Jan 27, 2023
Researcher: yuyudhn
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
Title CVE ID CVSS Researchers Date
AI Contact Us Form <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24386 4.4 Aswin Balaji January 30, 2023
GS Portfolio for Envato <= 1.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0559 6.4 István Márton January 30, 2023
GS Filterable Portfolio <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0540 6.4 István Márton January 30, 2023
WooLentor <= 2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0231 6.4 István Márton January 28, 2023
WooLentor <= 2.5.3 - PHP Object Injection CVE-2023-0232 9.8 WPScanTeam January 28, 2023
Material Design Icons for Page Builders <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-24374 6.4 Rafshanzani Suhada January 27, 2023
Glossary <= 2.1.27 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-24378 6.4 Rafshanzani Suhada January 27, 2023
ContentStudio <= 1.2.5 - Authorization Bypass CVE-2023-0558 8.2 Chloe Chamberland January 27, 2023
Quick Restaurant Menu <= 2.0.2 - Cross-Site Request Forgery CVE-2023-0554 8.1 Marco Wotschka January 27, 2023
BNE Testimonials <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-24411 6.4 Rafshanzani Suhada January 27, 2023
JS Help Desk <= 2.7.1 - Cross-Site Request Forgery CVE-2022-46842 5.4 Vladislav Pokrovsky (ΞX.MI) January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
Quick Restaurant Menu <= 2.0.2 - Authenticated (Administrator+) Cross-Site Scripting CVE-2023-0553 4.4 Marco Wotschka, Ivan Kuzymchak January 27, 2023
Organization chart <= 1.4.4 - Cross-Site Request Forgery CVE-2023-24384 4.3 yuyudhn January 27, 2023
Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0378 6.4 István Márton January 27, 2023
Blocksy Companion <= 1.8.67 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-23898 6.4 Rafshanzani Suhada January 27, 2023
Site Reviews <= 6.2.0 - Unauthenticated CSV Injection CVE-2022-46801 6.5 Mika January 27, 2023
Booking calendar, Appointment Booking System <= 3.2.3 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2022-47438 5.5 yuyudhn January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation