WordPress plugin xili-language 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

PT-2025-38798

Name of the Vulnerable Software and Affected Versions e-plugins Directory Pro versions through 2.5.5 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting issue. This allows for potential malicious code...

PT-2025-38797

Name of the Vulnerable Software and Affected Versions Ays Pro Photo Gallery by Ays versions through 6.3.6 Description The software contains a flaw related to improper input handling during web page creation, leading to a DOM-Based Cross-site Scripting issue. This allows for the injection of...

PT-2025-38940

Name of the Vulnerable Software and Affected Versions PlayerJS versions through 2.24 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for potential malicious code execution with...

PT-2025-39057

Name of the Vulnerable Software and Affected Versions PenciDesign Penci Shortcodes & Performance affected versions not specified Description The software contains a flaw related to improper input handling during web page creation, leading to a Cross-site Scripting issue. Specifically, this...

WordPress plugin Penci Recipe 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin Adverts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38813

Name of the Vulnerable Software and Affected Versions Zoho Billing versions through 4.1 Description A flaw exists in Zoho Billing that allows for DOM-Based Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page generation. The vulnerability could...

WordPress plugin Image Editor by Pixo 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site scripting...

PT-2025-38898

Name of the Vulnerable Software and Affected Versions Guaven Labs SQL Chart Builder versions through 2.3.7.2 Description A flaw exists in Guaven Labs SQL Chart Builder that allows for DOM-Based Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...

WordPress plugin Real Estate Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38849

Name of the Vulnerable Software and Affected Versions WPKoi Templates for Elementor versions through 3.4.1 Description A flaw exists in WPKoi Templates for Elementor that allows for DOM-Based Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page...

PT-2025-39056

Name of the Vulnerable Software and Affected Versions PenciDesign Penci Portfolio versions through 3.5 Description The software contains a flaw related to improper input handling during web page creation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for potential malicio...

PT-2025-38943

Name of the Vulnerable Software and Affected Versions Michel - xiligroup dev xili-language versions through 2.21.3 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-Site Scripting XSS condition. This allows for...

PT-2025-39059

Name of the Vulnerable Software and Affected Versions PenciDesign Soledad versions through 8.6.8 Description A flaw exists in PenciDesign Soledad that allows for DOM-Based Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerability...

Cross-site Scripting (XSS)

com.liferay.portal, release.portal.bom is vulnerable to Stored DOM-based Cross-Site Scripting XSS. The vulnerability is due to improper handling of DDM structure field labels in the Asset Publisher configuration UI within the Source.js module, where values are inserted into the DOM using innerHTM...

CVE-2025-58786

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VW THEMES Ibtana – Ecommerce Product Addons ibtana-ecommerce-product-addons allows DOM-Based XSS.This issue affects Ibtana – Ecommerce Product Addons: from n/a through = 0.4.7.6...

CVE-2025-58822

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 WP Mail wp-mail allows DOM-Based XSS.This issue affects WP Mail: from n/a through = 1.3...

CVE-2025-58874

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in josepsitjar StoryMap wp-storymap allows DOM-Based XSS.This issue affects StoryMap: from n/a through = 2.1...

CVE-2025-58874 WordPress StoryMap Plugin <= 2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in josepsitjar StoryMap allows DOM-Based XSS. This issue affects StoryMap: from n/a through 2.1...