4382 matches found
CVE-2025-31835 WordPress WP Plugin Info Card plugin <= 5.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brice Capobianco WP Plugin Info Card wp-plugin-info-card allows DOM-Based XSS.This issue affects WP Plugin Info Card: from n/a through = 5.3.0...
CVE-2025-31835 WordPress WP Plugin Info Card plugin <= 5.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brice Capobianco WP Plugin Info Card allows DOM-Based XSS. This issue affects WP Plugin Info Card: from n/a through 5.2.5...
CVE-2025-31829 WordPress ShopCred plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devscred ShopCred allows DOM-Based XSS. This issue affects ShopCred: from n/a through 1.2.8...
CVE-2025-31829
CVE-2025-31829 concerns a DOM-based Cross-Site Scripting vulnerability in the ShopCred WordPress plugin. The vulnerability arises from improper neutralization of input during web page generation, enabling DOM-based XSS. Affected software: ShopCred – WooCommerce Builder with Products Grid & Carous...
CVE-2025-31829 WordPress ShopCred plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devscred ShopCred shopcred allows DOM-Based XSS.This issue affects ShopCred: from n/a through = 1.3.0...
CVE-2025-31790 WordPress Posten plugin <= 0.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Binsaifullah Posten posten-post-blocks allows DOM-Based XSS.This issue affects Posten: from n/a through = 0.0.1...
CVE-2025-31790
CVE-2025-31790 affects Posten – Gutenberg Post Block for WordPress (Posten
CVE-2025-31790 WordPress Posten plugin <= 0.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Binsaifullah Posten allows DOM-Based XSS. This issue affects Posten: from n/a through 0.0.1...
CVE-2025-31760
CVE-2025-31760 is a stored Cross-Site Scripting vulnerability in the WordPress plugin SnapWidget Social Photo Feed Widget . The issue affects versions from unknown up to and including 1.1.0 and is caused by improper input neutralization during web page generation, enabling a DOM-based XSS payload...
CVE-2025-31760 WordPress SnapWidget Social Photo Feed Widget plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in snapwidget SnapWidget Social Photo Feed Widget allows DOM-Based XSS. This issue affects SnapWidget Social Photo Feed Widget: from n/a through 1.1.0...
CVE-2025-31747 WordPress WP Chrono plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...
CVE-2025-31747
CVE-2025-31747 is a DOM-based XSS vulnerability in the WordPress plugin WP Chrono (listed as WP Chrono) affecting versions up to 1.5.4. According to connected documentation, the issue is described as an “Improper Neutralization of Input During Web Page Generation” leading to DOM-based Cross-Site ...
CVE-2025-31747 WordPress WP Chrono plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...
CVE-2025-31741 WordPress Easy Magazine plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filtr8 Easy Magazine filtr8-magazine allows DOM-Based XSS.This issue affects Easy Magazine: from n/a through = 2.1.13...
CVE-2025-31741
CVE-2025-31741 is a DOM-based XSS in the WordPress plugin Easy Magazine (Filtr8 Magazine) up to version 2.1.13, caused by improper input neutralization during web page generation. There is no public patch details in the provided documents; the vulnerability is currently unpatched per the referenc...
CVE-2025-31741 WordPress Easy Magazine plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filtr8 Easy Magazine allows DOM-Based XSS. This issue affects Easy Magazine: from n/a through 2.1.13...
CVE-2025-31734 WordPress Simple Post Expiration plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Simple Post Expiration simple-post-expiration allows DOM-Based XSS.This issue affects Simple Post Expiration: from n/a through = 1.0.1...
CVE-2025-31734 WordPress Simple Post Expiration plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Simple Post Expiration allows DOM-Based XSS. This issue affects Simple Post Expiration: from n/a through 1.0.1...
CVE-2025-31734
CVE-2025-31734 concerns the WordPress plugin Simple Post Expiration. A connected Wordfence entry confirms a Cross-Site Scripting vulnerability in Simple Post Expiration versions up to 1.0.1 (authenticated context). The Initial Description cites a DOM-Based XSS, while the Wordfence detail describe...
PT-2025-14208 · Shopcred · Shopcred
Name of the Vulnerable Software and Affected Versions: ShopCred versions 1.2.8 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can lead to cross-site scripting attacks. Recommendations: For versions...