Wordfence Intelligence   >   Search Results

Showing 81-100 of 410 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
Rating Widget <= 3.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcodes
6.4
CVE-2023-23831
Apr 24, 2023
Researcher: István Márton
Tippy <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via tippy shortcode
6.4
CVE-2023-31079
Apr 24, 2023
Researcher: Mika
Easy Slider Revolution <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via esrcpt_slider_allow_iframes_filter
6.4
CVE-2023-28622
Apr 21, 2023
Researcher: Yuki Haruma
ActiveCampaign – Forms, Site Tracking, Live Chat <= 8.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-0233
Apr 20, 2023
Researcher: István Márton
WPJAM Basic <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-23709
Apr 20, 2023
Researcher: István Márton
Mail Subscribe List <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via smlsubform shortcode
6.4
CVE-2023-23657
Apr 20, 2023
Researcher: István Márton
Social Share Boost <= 4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via ssboost shortcode
6.4
CVE-2023-23688
Apr 19, 2023
Researcher: István Márton
WP Links Page <= 4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-22720
Apr 19, 2023
Researcher: István Márton
Uji Popup <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via uji_popup_code shortcode
6.4
CVE-2023-23641
Apr 19, 2023
Researcher: István Márton
File Gallery <= 1.8.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via file_gallery_shortcode
6.4
CVE-2023-23676
Apr 19, 2023
Researcher: István Márton
FormCraft <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via fcb shortcode
6.4
CVE-2023-22717
Apr 19, 2023
Researcher: István Márton
WP-FormAssembly <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE ID Unknown
Apr 18, 2023
Researchers:
Kaya QR Code Generator <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via qrCode attribute
6.4
CVE-2023-30784
Apr 18, 2023
Researcher: Mika
f(x) TOC <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-0490
Apr 18, 2023
Researcher: István Márton
BBSpoiler <= 2.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-23873
Apr 18, 2023
Researcher: István Márton
Button Builder – Buttons X <= 0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-23867
Apr 18, 2023
Researcher: István Márton
Wp-D3 <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0536
Apr 17, 2023
Researcher: István Márton
Product Slider For WooCommerce Lite <= 1.1.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Meta Keys
6.4
CVE-2023-0537
Apr 17, 2023
Researcher: István Márton
Mega Addons For WPBakery Page Builder <= 4.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0268
Apr 17, 2023
Researcher: István Márton
WP Popups – WordPress Popup builder <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-1905
Apr 17, 2023
Researcher: Erwan LR
Title CVE ID CVSS Researchers Date
Rating Widget <= 3.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcodes CVE-2023-23831 6.4 István Márton April 24, 2023
Tippy <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via tippy shortcode CVE-2023-31079 6.4 Mika April 24, 2023
Easy Slider Revolution <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via esrcpt_slider_allow_iframes_filter CVE-2023-28622 6.4 Yuki Haruma April 21, 2023
ActiveCampaign – Forms, Site Tracking, Live Chat <= 8.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-0233 6.4 István Márton April 20, 2023
WPJAM Basic <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-23709 6.4 István Márton April 20, 2023
Mail Subscribe List <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via smlsubform shortcode CVE-2023-23657 6.4 István Márton April 20, 2023
Social Share Boost <= 4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via ssboost shortcode CVE-2023-23688 6.4 István Márton April 19, 2023
WP Links Page <= 4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-22720 6.4 István Márton April 19, 2023
Uji Popup <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via uji_popup_code shortcode CVE-2023-23641 6.4 István Márton April 19, 2023
File Gallery <= 1.8.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via file_gallery_shortcode CVE-2023-23676 6.4 István Márton April 19, 2023
FormCraft <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via fcb shortcode CVE-2023-22717 6.4 István Márton April 19, 2023
WP-FormAssembly <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode 6.4 April 18, 2023
Kaya QR Code Generator <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via qrCode attribute CVE-2023-30784 6.4 Mika April 18, 2023
f(x) TOC <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-0490 6.4 István Márton April 18, 2023
BBSpoiler <= 2.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-23873 6.4 István Márton April 18, 2023
Button Builder – Buttons X <= 0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-23867 6.4 István Márton April 18, 2023
Wp-D3 <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0536 6.4 István Márton April 17, 2023
Product Slider For WooCommerce Lite <= 1.1.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Meta Keys CVE-2023-0537 6.4 István Márton April 17, 2023
Mega Addons For WPBakery Page Builder <= 4.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0268 6.4 István Márton April 17, 2023
WP Popups – WordPress Popup builder <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-1905 6.4 Erwan LR April 17, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation