4382 matches found
WordPress plugin WP Custom Post Popup 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-17796 · Unknown · Peadig'S Google +1 Button
Name of the Vulnerable Software and Affected Versions: Peadig’s Google +1 Button versions 0.1.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can be exploited through the Peadig’s Google +1 Button...
PT-2025-17834 · Unknown · Haris Zulfiqar Tooltip
Name of the Vulnerable Software and Affected Versions: Haris Zulfiqar Tooltip versions 1.0.1 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This enables potential...
PT-2025-17837 · Richardharrison · Carousel-Of-Post-Images
Name of the Vulnerable Software and Affected Versions: RichardHarrison Carousel-of-post-images versions 1.07 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means tha...
PT-2025-17838 · Webplanetsoft · Webplanetsoft Inline Text Popup
Name of the Vulnerable Software and Affected Versions: webplanetsoft Inline Text Popup versions 1.0.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an...
PT-2025-17797 · Wpbakery Page Builder · Image Hover Effects For Wpbakery Page Builder
Name of the Vulnerable Software and Affected Versions: Image Hover Effects For WPBakery Page Builder versions n/a through 2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This mean...
WordPress plugin Peadig’s Google +1 Button 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress plugin RAphicon 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
PT-2025-17783 · Rahendra Putra K · Raphicon
Name of the Vulnerable Software and Affected Versions: Rahendra Putra K RAphicon versions n/a through 2.1.2 Description: The issue affects Rahendra Putra K RAphicon, allowing DOM-Based XSS due to improper neutralization of input during web page generation. This enables Cross-site Scripting attack...
PT-2025-17771 · Unknown · Fable Extra
Name of the Vulnerable Software and Affected Versions: Fable Extra versions 1.0.0 through 1.0.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker could...
PT-2025-17793 · Unknown · Bbcode Deluxe
Name of the Vulnerable Software and Affected Versions: BBCode Deluxe versions through 2020.08.01.2 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can lead to Cross-site Scripting attacks. Recommendations: For...
CVE-2025-46228
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Event post event-post allows DOM-Based XSS.This issue affects Event post: from n/a through = 5.9.11...
CVE-2025-46225
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Post in page for Elementor allows DOM-Based XSS. This issue affects Post in page for Elementor: from n/a through 1.0.1...
CVE-2025-46225
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Post in page for Elementor allows DOM-Based XSS. This issue affects Post in page for Elementor: from n/a through 1.0.1...
CVE-2025-46228 WordPress Event post plugin <= 5.9.11 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Event post event-post allows DOM-Based XSS.This issue affects Event post: from n/a through = 5.9.11...
CVE-2025-46228
CVE-2025-46228: WordPress Event post plugin vulnerability allowing DOM-based XSS due to improper input neutralization during web page generation. Affected versions are n/a through 5.9.11 (Event post). Reports from NVD/CVE records and Patchstack describe XSS in the Event post plugin; patch/status ...
CVE-2025-46225
CVE-2025-46225 : WordPress plugin Post in page for Elementor suffers a DOM-based XSS due to improper input neutralization in its web page generation. Affected: Elementor’s Post in page for Elementor, versions from n/a through 1.0.1. Impact described in sources as cross-site scripting; exploitatio...
CVE-2025-46225 WordPress Post in page for Elementor plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Post in page for Elementor allows DOM-Based XSS. This issue affects Post in page for Elementor: from n/a through 1.0.1...
CVE-2025-46225 WordPress Post in page for Elementor plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Post in page for Elementor allows DOM-Based XSS. This issue affects Post in page for Elementor: from n/a through 1.0.1...
PT-2025-17495 · Unknown · Event Post
Name of the Vulnerable Software and Affected Versions: Bastien Ho Event post versions n/a through 5.9.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS in the Event post. Recommendations:...