Wordfence Intelligence   >   Search Results

Showing 421-440 of 453 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
Video.js – HTML5 Video Player for WordPress <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4786
Jan 4, 2023
Researcher: István Márton
Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.5 - Authenticated (Contributor+) Cross-Site Scripting
6.4
CVE-2022-4657
Jan 4, 2023
Researcher: István Márton
List Pages Shortcode <= 1.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4757
Jan 4, 2023
Researcher: István Márton
FL3R FeelBox <= 8.1 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting
4.7
CVE-2022-4552
Jan 4, 2023
Researcher: WPScanTeam
Post Category Image With Grid and Slider <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4747
Jan 4, 2023
Researcher: István Márton
WooCommerce Eway Gateway <= 3.5.0 - Insecure Direct Object Reference
5.4
CVE ID Unknown
Jan 4, 2023
Researchers:
Product Slider and Carousel with Category for WooCommerce <= 2.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4791
Jan 4, 2023
Researcher: István Márton
Logaster Logo Generator <= 1.3 - Cross-Site Request Forgery to Arbitrary Media Deletion and Creation
5.4
CVE-2022-47159
Jan 4, 2023
Researcher: rezaduty
RSS Aggregator by Feedzy <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4667
Jan 4, 2023
Researcher: István Márton
Lightbox Gallery <= 0.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4682
Jan 4, 2023
Researcher: István Márton
My YouTube Channel <= 3.0.12.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
5.5
CVE-2023-0446
Jan 4, 2023
Researcher: Marco Wotschka
Show-Hide / Collapse-Expand <= 1.2.6 - Missing Authorization
5.4
CVE ID Unknown
Jan 4, 2023
Researchers:
Amazon Affiliate <= 3.12.2 - Reflected File Download
9.8
CVE-2022-4794
Jan 4, 2023
Researcher: Daniel Ruf
Easy Pricing Tables <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4654
Jan 4, 2023
Researcher: István Márton
Knowledge Base <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block
6.4
CVE ID Unknown
Jan 3, 2023
Researchers:
Bold Timeline Lite <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4828
Jan 3, 2023
Researcher: István Márton
Survey Maker – Best WordPress Survey Plugin <= 3.1.3 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2023-0038
Jan 3, 2023
Researcher: Chloe Chamberland
Analytify <= 4.2.3 - Missing Authorization & Cross-Site Request Forgery
4.3
CVE-2022-45830
Jan 3, 2023
Researcher: Tien Nguyen Ahn
Joli Table of Contents <= 1.3.9 - Cross-Site Request Forgery
5.4
CVE-2022-46820
Jan 3, 2023
Researcher: minhtuanact
PixCodes <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4671
Jan 3, 2023
Researcher: István Márton
Title CVE ID CVSS Researchers Date
Video.js – HTML5 Video Player for WordPress <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4786 6.4 István Márton January 4, 2023
Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.5 - Authenticated (Contributor+) Cross-Site Scripting CVE-2022-4657 6.4 István Márton January 4, 2023
List Pages Shortcode <= 1.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4757 6.4 István Márton January 4, 2023
FL3R FeelBox <= 8.1 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting CVE-2022-4552 4.7 WPScanTeam January 4, 2023
Post Category Image With Grid and Slider <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4747 6.4 István Márton January 4, 2023
WooCommerce Eway Gateway <= 3.5.0 - Insecure Direct Object Reference 5.4 January 4, 2023
Product Slider and Carousel with Category for WooCommerce <= 2.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4791 6.4 István Márton January 4, 2023
Logaster Logo Generator <= 1.3 - Cross-Site Request Forgery to Arbitrary Media Deletion and Creation CVE-2022-47159 5.4 rezaduty January 4, 2023
RSS Aggregator by Feedzy <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4667 6.4 István Márton January 4, 2023
Lightbox Gallery <= 0.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4682 6.4 István Márton January 4, 2023
My YouTube Channel <= 3.0.12.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-0446 5.5 Marco Wotschka January 4, 2023
Show-Hide / Collapse-Expand <= 1.2.6 - Missing Authorization 5.4 January 4, 2023
Amazon Affiliate <= 3.12.2 - Reflected File Download CVE-2022-4794 9.8 Daniel Ruf January 4, 2023
Easy Pricing Tables <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4654 6.4 István Márton January 4, 2023
Knowledge Base <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block 6.4 January 3, 2023
Bold Timeline Lite <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4828 6.4 István Márton January 3, 2023
Survey Maker – Best WordPress Survey Plugin <= 3.1.3 - Unauthenticated Stored Cross-Site Scripting CVE-2023-0038 7.2 Chloe Chamberland January 3, 2023
Analytify <= 4.2.3 - Missing Authorization & Cross-Site Request Forgery CVE-2022-45830 4.3 Tien Nguyen Ahn January 3, 2023
Joli Table of Contents <= 1.3.9 - Cross-Site Request Forgery CVE-2022-46820 5.4 minhtuanact January 3, 2023
PixCodes <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4671 6.4 István Márton January 3, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation