4382 matches found
CVE-2025-49247
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmoreira Team Showcase team-showcase-cm allows DOM-Based XSS.This issue affects Team Showcase: from n/a through 25.05.13...
CVE-2025-49247
CVE-2025-49247 : WordPress Team Showcase plugin (team-showcase-cm) contains a Reflected Cross-Site Scripting (XSS) vulnerability in versions prior to 25.05.13. Public records indicate the issue arises from insufficient input handling during page generation, enabling injected script via reflected ...
CVE-2025-30983
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...
CVE-2025-30943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-30943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-24764
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A. Jones Simply Guest Author Name guest-author-name allows DOM-Based XSS.This issue affects Simply Guest Author Name: from n/a through = 4.36...
CVE-2025-30983 WordPress Card flip image slideshow plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...
CVE-2025-30983
CVE-2025-30983 affects the gopiplus Card flip image slideshow (WordPress plugin) with versions 1.5 and earlier. The vulnerability is DOM-based XSS caused by improper input neutralization during web page generation. Public sources indicate the issue exists and is currently unpatched; no confirmed ...
CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-24764
The CVE-2025-24764 entry pertains to the WordPress plugin “(Simply) Guest Author Name” (versions up to 4.36) and describes a DOM-based Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Public sources in the connected docs indicate this is...
PT-2025-27919 · Unknown · Cmoreira Team Showcase
Name of the Vulnerable Software and Affected Versions: cmoreira Team Showcase affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attack...
PT-2025-27890 · Unknown · Gopiplus Card Flip Image Slideshow
Name of the Vulnerable Software and Affected Versions: gopiplus Card flip image slideshow versions 1.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker cou...
WordPress plugin (Simply) Guest Author Name 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin...
PT-2025-27872 · Unknown · Guest Author Name
Name of the Vulnerable Software and Affected Versions: Simply Guest Author Name versions n/a through 4.36 Description: The issue is related to improper neutralization of input during web page generation, which allows DOM-Based XSS. This enables potential attackers to execute malicious scripts in...
PT-2025-27886 · Unknown · Aakif Kadiwala Posts Slider Shortcode
Name of the Vulnerable Software and Affected Versions: Aakif Kadiwala Posts Slider Shortcode versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker...
CVE-2025-53275
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VaultDweller Leyka leyka allows DOM-Based XSS.This issue affects Leyka: from n/a through = 3.32.1...
CVE-2025-53321
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through = 5.2...
CVE-2025-53279
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.4...
CVE-2025-53292
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in samsk WP DataTable wp-datatable allows DOM-Based XSS.This issue affects WP DataTable: from n/a through = 0.2.7...
CVE-2025-53202
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows DOM-Based XSS.This issue affects Responsive Blocks: from n/a through = 2.0.6...