CVE-2025-26761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, which allows an attacker to execute a DOM-Based XSS attack.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute a DOM-Based XSS attack remotely...

CVE-2025-26761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

CVE-2025-26761 WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

CVE-2025-26558

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through = 1.3...

CVE-2025-26567

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in farjana55 Font Awesome WP font-awesome-wp allows DOM-Based XSS.This issue affects Font Awesome WP: from n/a through = 1.0...

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...

CVE-2025-26558

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through = 1.3...

CVE-2025-26567

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in farjana55 Font Awesome WP font-awesome-wp allows DOM-Based XSS.This issue affects Font Awesome WP: from n/a through = 1.0...

CVE-2025-26567 WordPress Font Awesome WP plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in farjana55 Font Awesome WP font-awesome-wp allows DOM-Based XSS.This issue affects Font Awesome WP: from n/a through = 1.0...

CVE-2025-26567

CVE-2025-26567 concerns the Font Awesome WP WordPress plugin. The vulnerability is a DOM-based Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. Affected: Font Awesome WP versions n/a through 1.0. The provided documents do not specify exploit details, ...

CVE-2025-26558 WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive allows DOM-Based XSS. This issue affects Aparat Responsive: from n/a through 1.3...

CVE-2025-26558

CVE-2025-26558 concerns the WordPress plugin Aparat Responsive (mkkmail Aparat Responsive). Affected: Aparat Responsive up to version 1.3. Issue: improper neutralization of input during web page generation, leading to DOM-based XSS. Impact is cross-site scripting when rendering vulnerable pages; ...

CVE-2025-26558 WordPress Aparat Responsive plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through = 1.3...

JetBrains TeamCity < 2024.12.2 Multiple Vulnerabilities

The version of JetBrains TeamCity installed on the remote host is prior to 2024.12.2. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources. CVE-2025-26492 - In JetBrains TeamCity...

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...

PT-2025-6219

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2024.12.2 Description The issue concerns a DOM-based cross-site scripting XSS condition in the Code Inspection Report tab. This occurs due to insufficient protection of the web page structure. Exploitation...