4382 matches found
CVE-2025-23891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vincent Loy Yet Another Countdown yacp allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through = 1.0.1...
CVE-2025-24732
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reputeinfosystems BookingPress bookingpress-appointment-booking allows DOM-Based XSS.This issue affects BookingPress: from n/a through = 1.1.25...
CVE-2025-24578
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.3.0...
CVE-2025-22743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...
CVE-2025-22312
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through = 1.2.9...
CVE-2025-22354
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Code Themes Digi Store allows DOM-Based XSS.This issue affects Digi Store: from n/a through 1.1.4...
CVE-2025-22584
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Timeline Pro timeline-pro allows DOM-Based XSS.This issue affects Timeline Pro: from n/a through = 1.3...
CVE-2025-22809
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in theme funda PDF Catalog Woocommerce pdf-catalog-woocommerce allows DOM-Based XSS.This issue affects PDF Catalog Woocommerce: from n/a through = 2.0...
CVE-2025-22339
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in athemeart Store Commerce store-commerce allows DOM-Based XSS.This issue affects Store Commerce: from n/a through = 1.2.3...
CVE-2025-22500
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ali Ali Alpha Price Table For Elementor alpha-price-table-for-elementor allows DOM-Based XSS.This issue affects Alpha Price Table For Elementor: from n/a through = 1.2.0...
CVE-2025-22821
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vfthemes StorePress storepress allows DOM-Based XSS.This issue affects StorePress: from n/a through = 1.0.12...
CVE-2025-22577
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Damion Armentrout Able Player wp-able-player allows DOM-Based XSS.This issue affects Able Player: from n/a through = 1.0...
CVE-2025-0321
The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2025-24730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.14...
CVE-2025-22585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themebon Ultimate Image Hover Effects ultimate-image-hover-effects allows DOM-Based XSS.This issue affects Ultimate Image Hover Effects: from n/a through = 1.1.2...
CVE-2025-22293
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through = 3.4.3...
CVE-2025-22823
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jtwerdy Genesis Style Shortcodes genesis-style-shortcodes allows DOM-Based XSS.This issue affects Genesis Style Shortcodes: from n/a through = 1.0...
CVE-2025-24573
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Softaculous PageLayer pagelayer allows DOM-Based XSS.This issue affects PageLayer: from n/a through = 1.9.4...
CVE-2025-24638
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pddring Create with Code create-with-code allows DOM-Based XSS.This issue affects Create with Code: from n/a through = 1.4...
CVE-2025-22745
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bjoerne Navigation Du Lapin Blanc navigation-du-lapin-blanc allows DOM-Based XSS.This issue affects Navigation Du Lapin Blanc: from n/a through = 1.1.1...