cleantalk
Vulnerabilities and Security Researches

VK All in One Expansion Unit, CVE-2023-27926

CVE, Research URL

CVE-2023-27926

Home page URL

Security reports for VK All in One Expansion Unit

Application

VK All in One Expansion Unit

Published on
May 23, 2023
Research Description
Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.
Affected versions
max 9.88.2.0.
Status
vulnerable
Previous vulnerability researches
VK All in One Expansion Unit (CVE-2024-37956) , Jul 13, 2024
VK All in One Expansion Unit (CVE-2023-0230) , Jun 07, 2024
VK All in One Expansion Unit (CVE-2024-2093) , Jun 07, 2024
VK All in One Expansion Unit (CVE-2023-27926) , Jun 07, 2024
VK All in One Expansion Unit (CVE-2023-28367) , Jun 07, 2024
New vulnerability
افزونه پیامک حرفه ای فراز اس ام اس (CVE-2025-68031) , Feb 28, 2026
iONE360 configurator (CVE-2025-15440) , Feb 28, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-13416) , Feb 28, 2026
Storyform (CVE-2025-53233) , Feb 28, 2026
افزونه پیامک ووکامرس Persian WooCommerce SMS (CVE-2026-22352) , Feb 28, 2026