CVE-2025-46461 WordPress RRSSB plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Relentless Apps RRSSB rrssb allows DOM-Based XSS.This issue affects RRSSB: from n/a through = 1.0.1...

CVE-2025-46538 WordPress Inline Text Popup plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webplanetsoft Inline Text Popup inline-text-popup allows DOM-Based XSS.This issue affects Inline Text Popup: from n/a through = 1.0.0...

CVE-2025-46538 WordPress Inline Text Popup <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webplanetsoft Inline Text Popup allows DOM-Based XSS. This issue affects Inline Text Popup: from n/a through 1.0.0...

CVE-2025-46538

CVE-2025-46538 – WordPress Inline Text Popup (webplanetsoft) is a DOM-based cross-site scripting vulnerability affecting Inline Text Popup versions up to 1.0.0. The issue arises from improper input neutralization during web page generation, enabling XSS. Public details in the initial document ide...

CVE-2025-46536 WordPress Carousel-of-post-images plugin <= 1.07 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RichardHarrison Carousel-of-post-images carousel-of-post-images allows DOM-Based XSS.This issue affects Carousel-of-post-images: from n/a through = 1.07...

CVE-2025-46536 WordPress Carousel-of-post-images plugin <= 1.07 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RichardHarrison Carousel-of-post-images carousel-of-post-images allows DOM-Based XSS.This issue affects Carousel-of-post-images: from n/a through = 1.07...

CVE-2025-46536

CVE-2025-46536 affects the WordPress plugin Carousel-of-post-images up to version 1.07, caused by improper input neutralization during web page generation, enabling DOM-based XSS. Public details in initial and connected sources confirm the affected software and XSS nature; no patched version is c...

CVE-2025-46534 WordPress Image Style Hover <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DanielRiera Image Style Hover allows DOM-Based XSS. This issue affects Image Style Hover: from n/a through 1.0.6...

CVE-2025-46534

CVE-2025-46534 covers a DOM-based XSS in the WordPress plugin Image Style Hover (DanielRiera) caused by improper input neutralization during web page generation. Affected versions are reported as

CVE-2025-46532 WordPress Tooltip plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Haris Zulfiqar Tooltip wp-tooltip allows DOM-Based XSS.This issue affects Tooltip: from n/a through = 1.0.1...

CVE-2025-46532 WordPress Tooltip plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Haris Zulfiqar Tooltip wp-tooltip allows DOM-Based XSS.This issue affects Tooltip: from n/a through = 1.0.1...

CVE-2025-46532

CVE-2025-46532 describes a DOM-based XSS in the WordPress Tooltip plugin (Tooltip) due to improper input neutralization during web page generation. Affected versions: Tooltip

CVE-2025-46484

CVE-2025-46484 concerns the WordPress plugin Image Hover Effects For WPBakery Page Builder (vulnerable: up to and including 2.0). The issue is a DOM-based Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation could allow an attac...

WordPress plugin Tooltip 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17786 · WordPress · Wp Custom Post Popup

Name of the Vulnerable Software and Affected Versions: WP Custom Post Popup versions 1.0.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker can...

PT-2025-17836 · Unknown · Danielriera Image Style Hover

Name of the Vulnerable Software and Affected Versions: DanielRiera Image Style Hover versions 1.0.0 through 1.0.6 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS in DanielRiera...

WordPress plugin Carousel-of-post-images 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Image Style Hover 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Image Hover Effects For WPBakery Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17789 · Unknown · Able Player

Name of the Vulnerable Software and Affected Versions: Able Player versions n/a through 1.2.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS attacks. This can lead to the execution of malicious scripts within the...