4382 matches found
PT-2025-14414 · Unknown · Limit Max Ips Per User
Name of the Vulnerable Software and Affected Versions: Limit Max IPs Per User versions 1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This enables potential attackers...
PT-2025-14261 · Unknown · Daniel Floeter Hyperlink Group Block
Name of the Vulnerable Software and Affected Versions: Daniel Floeter Hyperlink Group Block versions 2.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can lead to cross-site scripting attacks...
PT-2025-14217 · Eventbee · Eventbee Rsvp Widget
Name of the Vulnerable Software and Affected Versions: Eventbee RSVP Widget versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS in the Eventbee RSVP Widget...
WordPress plugin mFolio Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
WordPress plugin FancyPost 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...
WordPress plugin BlockWheels 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
PT-2025-14147 · Snapwidget · Snapwidget Social Photo Feed Widget
Name of the Vulnerable Software and Affected Versions: SnapWidget Social Photo Feed Widget versions 1.1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially...
PT-2025-14252 · Unknown · Pluginic Fancypost
Name of the Vulnerable Software and Affected Versions: Pluginic FancyPost versions n/a through 6.0.1 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS in Pluginic FancyPost...
WordPress plugin WP Chrono 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress plugin Posten 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin SnapWidget Social Photo Feed Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-14136 · WordPress · Wp Chrono
Name of the Vulnerable Software and Affected Versions: WP Chrono versions 1.5.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. This enables potential attackers to inject...
PT-2025-14126 · Unknown · Simple Post Expiration
Name of the Vulnerable Software and Affected Versions: Simple Post Expiration versions 1.0.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker...
CVE-2025-31624
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LABCAT Processing Projects processing-projects allows DOM-Based XSS.This issue affects Processing Projects: from n/a through = 1.0.2...
CVE-2025-31549
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Agency Dominion Inc. Fusion fusion allows DOM-Based XSS.This issue affects Fusion: from n/a through = 1.6.4...
CVE-2025-31557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MiKa OSM osm allows DOM-Based XSS.This issue affects OSM: from n/a through = 6.1.13...
CVE-2025-31559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caspio Bridge Custom Database Applications by Caspio custom-database-applications-by-caspio allows DOM-Based XSS.This issue affects Custom Database Applications by Caspio: from n/a through = 2.1...
CVE-2025-31562
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows DOM-Based XSS.This issue affects Uptime Robot Plugin for WordPress: from n/a through = 2.3...
CVE-2025-31543
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Twice Commerce Twice Commerce embed-rentle allows DOM-Based XSS.This issue affects Twice Commerce: from n/a through = 1.3.1...
CVE-2025-31535
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PressTigers Simple Owl Carousel simple-owl-carousel allows DOM-Based XSS.This issue affects Simple Owl Carousel: from n/a through = 1.1.1...