4382 matches found
CVE-2025-27329
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in inlinkz EZ InLinkz linkup inlinkz-scripter allows DOM-Based XSS.This issue affects EZ InLinkz linkup: from n/a through = 0.18...
CVE-2025-27331
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sébastien Dumont WooCommerce Display Products by Tags woocommerce-display-products-by-tags allows DOM-Based XSS.This issue affects WooCommerce Display Products by Tags: from n/a through = 1.0.0...
CVE-2025-27327
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Winlin Live Streaming Video Player – by SRS Player srs-player allows DOM-Based XSS.This issue affects Live Streaming Video Player – by SRS Player: from n/a through = 1.0.18...
CVE-2025-27330
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PlayerJS PlayerJS playerjs allows DOM-Based XSS.This issue affects PlayerJS: from n/a through = 2.23...
CVE-2025-27325
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bruce Video.js HLS Player videojs-hls-player allows DOM-Based XSS.This issue affects Video.js HLS Player: from n/a through = 1.0.2...
CVE-2025-27323
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jon Bishop WP About Author wp-about-author allows DOM-Based XSS.This issue affects WP About Author: from n/a through = 1.5...
CVE-2025-27320
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pankaj Mondal Profile Widget Ninja profile-widget-ninja allows DOM-Based XSS.This issue affects Profile Widget Ninja: from n/a through = 4.3...
CVE-2025-27280
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alobaidi Archive Page archive-page allows DOM-Based XSS.This issue affects Archive Page: from n/a through = 1.0.2...
CVE-2025-27266
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ignacio Perez Hover Image Button hover-image-button allows DOM-Based XSS.This issue affects Hover Image Button: from n/a through = 1.1.2...
CVE-2025-27265
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aaron D. Campbell Google Maps for WordPress google-maps-for-wordpress allows DOM-Based XSS.This issue affects Google Maps for WordPress: from n/a through = 1.0.3...
CVE-2025-27331 WordPress WooCommerce Display Products by Tags plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sébastien Dumont WooCommerce Display Products by Tags woocommerce-display-products-by-tags allows DOM-Based XSS.This issue affects WooCommerce Display Products by Tags: from n/a through = 1.0.0...
CVE-2025-27331 WordPress WooCommerce Display Products by Tags plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sébastien Dumont WooCommerce Display Products by Tags woocommerce-display-products-by-tags allows DOM-Based XSS.This issue affects WooCommerce Display Products by Tags: from n/a through = 1.0.0...
CVE-2025-27331
CVE-2025-27331 corresponds to a DOM-Based XSS in the WordPress plugin WooCommerce Display Products by Tags (versions
CVE-2025-27330
CVE-2025-27330 describes a DOM-based XSS in the WordPress plugin PlayerJS up to version 2.23, due to improper input neutralization during web page generation. The vulnerability affects PlayerJS and can be triggered by user-supplied input processed on the client side. The CVSS 3.1 score is 6.5 (Me...
CVE-2025-27330 WordPress PlayerJS plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PlayerJS PlayerJS playerjs allows DOM-Based XSS.This issue affects PlayerJS: from n/a through = 2.23...
CVE-2025-27329 WordPress EZ InLinkz linkup plugin <= 0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in inlinkz EZ InLinkz linkup inlinkz-scripter allows DOM-Based XSS.This issue affects EZ InLinkz linkup: from n/a through = 0.18...
CVE-2025-27329 WordPress EZ InLinkz linkup plugin <= 0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in inlinkz EZ InLinkz linkup inlinkz-scripter allows DOM-Based XSS.This issue affects EZ InLinkz linkup: from n/a through = 0.18...
CVE-2025-27329
CVE-2025-27329 concerns the WordPress plugin EZ InLinkz linkup (versions
CVE-2025-27327
CVE-2025-27327 refers to a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Live Streaming Video Player – by SRS Player (versions
CVE-2025-27325
CVE-2025-27325 concerns the Video.js HLS Player WordPress plugin (Video.js HLS Player) with DOM-based XSS due to improper input neutralization. Affected versions are from n/a through 1.0.2. The CVSS 3.1 base score is 6.5 (Network, Low Privileges, User Interaction Required, Scope Changed; Confiden...