Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1115467 matches found

EUVD
EUVDadded yesterday7 views

EUVD-2026-37205

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...

7.4CVSS5.5AI score
Exploits0References2
CVE
CVEadded yesterday13 views

CVE-2026-48869 WordPress Enfold theme <= 7.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

CVE-2026-48869 : The WordPress Enfold theme (versions

7.1CVSS5.2AI score
Exploits0References1
CVE
CVEadded yesterday3 views

CVE-2026-39548 WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability

The CVE describes an unauthenticated Reflected Cross Site Scripting (XSS) vulnerability in the WordPress MagOne theme, version(s) up to and including 9.0. The issue affects the MagOne theme for WordPress and is categorized as a reflected XSS; the exact vulnerable component is not separately ident...

7.1CVSS5.2AI score
Exploits0References1
CVE
CVEadded yesterday11 views

CVE-2025-69151 WordPress Grand Car Rental theme <= 3.7 - Cross Site Scripting (XSS) vulnerability

CVE-2025-69151 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Grand Car Rental theme, affecting versions up to 3.7. The available description confirms the vulnerability class (XSS) and that exploitation does not require authentication, but the provided mate...

7.1CVSS5AI score
Exploits0References1
CVE
CVEadded yesterday6 views

CVE-2025-69104 WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Technical details for CVE-2025-69104 are not provided in the connected documents. Monitor for updates.

7.1CVSS5AI score
Exploits0References1
NVD
NVDadded yesterday4 views

CVE-2026-12425

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...

7.4CVSS
Exploits0References1
NVD
NVDadded yesterday7 views

CVE-2026-53841

OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javascript: and data: links in generated content. Attackers can execute browser-side scripts if a trusted operator opens the exported file and activates a malicious link...

6.1CVSS
Exploits0References2
CVE
CVEadded yesterday4 views

CVE-2026-12425

CVE-2026-12425 is a reflected/DOM-based XSS in PowerSchool Employee Access Center 23.10. The issue allows injection of JavaScript after the login URL that can be eval()’d in the user’s browser context, enabling an attacker to run code with the user’s privileges. The CVSS metrics indicate network ...

7.4CVSS5.5AI score
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2026-53841

OpenClaw prior to version 2026.5.12 exposes a stored cross-site scripting risk in exported session HTML. The vulnerability arises because the exported content preserves unsafe javascript: and data: links, enabling browser-side scripts when a trusted operator opens the exported file and activates ...

6.1CVSS5.1AI score
Exploits0References2
NVD
NVDadded yesterday4 views

CVE-2024-30476

PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser...

5.4CVSS
Exploits0References1
Cvelist
Cvelistadded yesterday10 views

CVE-2024-30476

PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser...

5.4CVSS
Exploits0References1
EUVD
EUVDadded yesterday6 views

EUVD-2024-55623

PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser...

5.4CVSS5.5AI score
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2024-30476

CVE-2024-30476 details a Stored Cross-Site Scripting vulnerability in Dell PowerStore Manager. A remote authenticated, low-privileged attacker could exploit this to execute scripts in the browser of an authenticated user. CVSS v3.1 base score 5.4 (Medium); attack vector: Network; privileges requi...

5.4CVSS5.6AI score
Exploits0References1
EUVD
EUVDadded yesterday6 views

EUVD-2026-36428

Nuxt: Reflected XSS in via unsanitised javascript: or data: URL...

5.4CVSS5.1AI score0.00198EPSS
Exploits0References4
NVD
NVDadded yesterday4 views

CVE-2026-54198

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVDadded yesterday6 views

CVE-2026-54191

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVDadded yesterday3 views

CVE-2026-39437

Unauthenticated Cross Site Scripting XSS in Min Max Step Quantity Limits Manager for WooCommerce = 5.2.2 versions...

7.1CVSS0.00251EPSS
Exploits0References1
Patchstack
Patchstackadded yesterday4 views

WordPress Secure Client Portal and Private File Sharing Plugin – User Private Files plugin <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by pham quang huy Zibanana in WordPress Plugin User Private Files versions = 2.1.6...

6.4CVSS5.2AI score0.00235EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded yesterday14 views

CVE-2026-54198 WordPress Media LIbrary Assistant plugin <= 3.35 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS0.00251EPSS
Exploits0References1
EUVD
EUVDadded yesterday4 views

EUVD-2026-37055

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS5.2AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder