4382 matches found
CVE-2025-22758
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harnani Elementor AI Addons ai-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through = 2.2.1...
CVE-2025-22781
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through = 0.1.6...
CVE-2025-22742
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in falldeaf WP ViewSTL wp-viewstl allows DOM-Based XSS.This issue affects WP ViewSTL: from n/a through = 1.0...
CVE-2025-22806
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modernaweb Studio Black Widgets For Elementor black-widgets allows DOM-Based XSS.This issue affects Black Widgets For Elementor: from n/a through = 1.3.8...
CVE-2025-22808
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Surbma Surbma | Premium WP surbma-premium-wp allows DOM-Based XSS.This issue affects Surbma | Premium WP: from n/a through = 9.0...
CVE-2025-22827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in joomag WP Joomag wp-joomag allows DOM-Based XSS.This issue affects WP Joomag: from n/a through = 2.5.2...
CVE-2025-22309
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through = 4.4.2...
CVE-2024-52349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md. Shiddikur Rahman Awesome Tool Tip awesome-tool-tip allows DOM-Based XSS.This issue affects Awesome Tool Tip: from n/a through = 1.0...
CVE-2024-49233
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...
CVE-2024-49241
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tady Tito tito allows DOM-Based XSS.This issue affects Tito: from n/a through = 2.3...
CVE-2024-52350
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nrmendez CRM 2go crm2go allows DOM-Based XSS.This issue affects CRM 2go: from n/a through = 1.0...
CVE-2024-52426
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through = 2.8.0...
CVE-2024-52352
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miloandrew Postcasa Shortcode postcasa allows DOM-Based XSS.This issue affects Postcasa Shortcode: from n/a through = 1.0...
CVE-2024-52486
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SolverWp Elementor Portfolio Builder portfolio-builder-elementor allows DOM-Based XSS.This issue affects Elementor Portfolio Builder: from n/a through = 1.0.0...
CVE-2024-52502
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ImbaSynergy ImbaChat imbachat-widget allows DOM-Based XSS.This issue affects ImbaChat: from n/a through = 3.1.4...
CVE-2024-29191
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...
CVE-2024-26466
A DOM based cross-site scripting XSS vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL...
CVE-2024-35645
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M A Vinoth Kumar Random Banner random-banner allows DOM-Based XSS.This issue affects Random Banner: from n/a through = 4.2.12...
CVE-2024-56246
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through = 4.0.4...
CVE-2024-29193
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page index.html shows the available streams by fetching the API in the client side. Then, it uses Object.entries to iterate over the result whose first item name gets...