← Back

Codeboxr

codeboxr

5 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Cbx Map
cbx_map
2 CVEs
Cbx Petition For Wordpress
cbx_petition_for_wordpress
1 CVE
Cbx Currency Converter
cbx_currency_converter
1 CVE
Cbx Bookmark & Favorite
cbx_bookmark_&_favorite
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-51514
1Codeboxr
1Cbx Bookmark & Favorite
Jun 17, 2026
Feb 1, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1...Show more
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13.Show less
CVE-2024-22297
1Codeboxr
1Cbx Map
Jun 17, 2026
Jan 31, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStre...Show more
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11.Show less
CVE-2023-28747
1Codeboxr
1Cbx Currency Converter
Jun 17, 2026
Nov 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in codeboxr CBX Currency Converter plugin <= 3.0.3 versions.
CVE-2023-47240
2Codeboxr
Codebxr
2Cbx Map
Cbx Map For Google Map & Openstreetmap
Jun 17, 2026
Nov 16, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap plugin <= 1.1.11 versions.
CVE-2022-4383
1Codeboxr
1Cbx Petition For Wordpress
Jun 17, 2026
Jan 23, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The CBX Petition for WordPress plugin through 1.0.3 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.