349 matches found
EUVD-2025-205709
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vidish Combo Offers WooCommerce woo-combo-offers allows DOM-Based XSS.This issue affects Combo Offers WooCommerce: from n/a through = 4.2...
EUVD-2025-205726
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...
EUVD-2025-205745
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows DOM-Based XSS.This issue affects BWL Pro Voting Manager: from n/a through = 1.4.9...
CVE-2025-69018
CVE-2025-69018 affects Web Directory Free (WordPress) up to version 1.7.12. The Wordfence entry shows an authenticated (Contributor+) stored XSS vulnerability enabling DOM-based XSS during web page generation due to improper input neutralization. Patch status: Patched (fixed in a newer release).
CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...
CVE-2025-65442
DOM-based Cross-Site Scripting XSS vulnerability in 201206030 novel V3.5.0 allows remote attackers to execute arbitrary JavaScript code or disclose sensitive information e.g., user session cookies via a crafted "wvstest" parameter in the URL or malicious script injection into window.localStorage...
EUVD-2025-205667
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through 2.2.12...
EUVD-2025-205655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch allows DOM-Based XSS.This issue affects JetSearch: from n/a through 3.5.16...
WordPress plugin JetTabs 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress plugin Essential Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Combo Offers WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2025-68499
CVE-2025-68499 describes a DOM-Based XSS in Crocoblock’s JetTabs WordPress plugin (JetTabs) up to version 2.2.12. The issue arises from improper neutralization of input during web page generation, enabling stored XSS when a user interacts with JetTabs. Affected software: Crocoblock JetTabs (WordP...
WordPress plugin JetSearch 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2025-68574
CVE-2025-68574 affects Innovs WPBakery Visual Composer WHMCS Elements (void-visual-whmcs-element) and is linked to versions
CVE-2025-67632 WordPress Google AdSense for Responsive Design – GARD plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Plugin Factory Google AdSense for Responsive Design GARD google-adsense-for-responsive-design-gard allows DOM-Based XSS.This issue affects Google AdSense for Responsive Design GARD: from n/a...
CVE-2025-64207
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64355
CVE-2025-64355 concerns WordPress JetElements For Elementor plugin (
CVE-2025-64207 WordPress Jannah theme <= 7.6.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...
WordPress plugin Easy Invoice 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin Jannah 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...