Lucene search
K

1118520 matches found

CVE
CVE
added yesterday7 views

CVE-2026-15595

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /forsubject.php. This manipulation of the argument subject causes cross site scripting. It is possible to initiate the attack remotely. The exploit has...

5.3CVSS4.8AI score
Exploits0References6
Cvelist
Cvelist
added yesterday4 views

CVE-2026-58228 Scheme validation bypass in Phoenix.LiveView.Utils leads to XSS via <.link>

Cross-site scripting vulnerability in phoenixframework phoenixliveview allows an attacker to bypass URL scheme validation and execute JavaScript in a victim's browser session. The Phoenix.LiveView.Utils.validdestination!/2 and Phoenix.LiveView.Utils.validlivenavigationdestination!/2 functions in...

5CVSS
Exploits0References4
CVE
CVE
added yesterday8 views

CVE-2026-58228

Summary: CVE-2026-58228 affects phoenix_live_view (Phoenix.LiveView.Utils) and enables XSS via due to scheme validation bypass. The root cause is the internal uri_scheme/1 helper in Phoenix.LiveView.Utils that only detects schemes when the first byte is an ASCII letter; inputs starting with ASCI...

5CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday8 views

CVE-2026-61501

Rejetto HFS versions 3.0.0–3.2.0 expose a stored XSS in the admin log viewer: log entries rendered as HTML without sanitization allow a remote unauthenticated attacker to craft a username, write JavaScript to the error log, and execute code in an administrator’s browser when logs are viewed, pote...

6.1CVSS6.3AI score
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-57814

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows DOM-Based XSS.This issue affects Forminator: from n/a through = 1.55.0.1...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57816

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FunnelKit Funnel Builder by FunnelKit funnel-builder allows Reflected XSS.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.15.0.8...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-59516

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Reflected XSS.This issue affects ICS Calendar: from n/a through = 12.1.1...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-57780

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through = 0.22...

6.5CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57741

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Stored XSS.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.0...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57728

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UX-themes Flatsome flatsome allows Reflected XSS.This issue affects Flatsome: from n/a through = 3.20.5...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through = 3.9.4...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57718

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor allows Reflected XSS.This issue affects Unlimited Elements For Elementor Free...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57711

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PSM Plugins SupportCandy supportcandy allows Stored XSS.This issue affects SupportCandy: from n/a through = 3.4.8...

6.5CVSS0.00224EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57712

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM WPZOOM Portfolio wpzoom-portfolio allows Reflected XSS.This issue affects WPZOOM Portfolio: from n/a through = 1.4.29...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-57715

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPManageNinja Fluent CRM fluent-crm allows Reflected XSS.This issue affects Fluent CRM: from n/a through = 3.1.7...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dokan, Inc. Dokan dokan-lite allows Reflected XSS.This issue affects Dokan: from n/a through = 5.0.6...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57708

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks Contact Form Entries contact-form-entries allows Reflected XSS.This issue affects Contact Form Entries: from n/a through = 1.5.2...

7.1CVSS0.00251EPSS
Exploits0References1
Rows per page
Query Builder