4382 matches found
CVE-2025-22781
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through = 0.1.6...
CVE-2025-22758
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harnani Elementor AI Addons ai-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through = 2.2.1...
CVE-2025-22742
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in falldeaf WP ViewSTL wp-viewstl allows DOM-Based XSS.This issue affects WP ViewSTL: from n/a through = 1.0...
CVE-2025-22743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...
CVE-2025-22745
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bjoerne Navigation Du Lapin Blanc navigation-du-lapin-blanc allows DOM-Based XSS.This issue affects Navigation Du Lapin Blanc: from n/a through = 1.1.1...
CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian Shortcode: from n/a through 1.0...
CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...
CVE-2025-22743
CVE-2025-22743: DOM-Based XSS in Twitter Bootstrap Collapse (Accordion Shortcode). Improper input handling in Twitter Bootstrap Collapse/Accordion Shortcode allows cross-site scripting. Affected: Twitter Bootstrap Collapse aka Accordion Shortcode from n/a to 1.0. Published 2025-01-14. Connected d...
CVE-2025-22742 WordPress WP ViewSTL plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in falldeaf WP ViewSTL wp-viewstl allows DOM-Based XSS.This issue affects WP ViewSTL: from n/a through = 1.0...
CVE-2025-22742
CVE-2025-22742 affects the WP ViewSTL plugin for WordPress (falldeaf). It is a DOM-based XSS caused by improper input handling during web-page generation, affecting WP ViewSTL up to version 1.0. The Wordfence entry notes a patch status of Unpatched and provides no exploitation details or remediat...
CVE-2025-22745
CVE-2025-22745 is a DOM-based XSS in Navigation Du Lapin Blanc (Navigation Du Lapin Blanc: n/a–1.1.1). Root cause: improper neutralization of input during web page generation. Affected products: Navigation Du Lapin Blanc; versions up to 1.1.1. Impact, as stated: cross-site scripting with potentia...
CVE-2025-22745 WordPress Navigation Du Lapin Blanc plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Björn Weinbrenner Navigation Du Lapin Blanc allows DOM-Based XSS.This issue affects Navigation Du Lapin Blanc: from n/a through 1.1.1...
CVE-2025-22758 WordPress Elementor AI Addons plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harnani Elementor AI Addons ai-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through = 2.2.1...
CVE-2025-22758
CVE-2025-22758 is an authenticated DOM-based Cross-Site Scripting vulnerability in Elementor AI Addons (70 Widgets, Premium Templates, Ultimate Elements) caused by improper input neutralization during web page generation. Affected: Elementor AI Addons versions up to 2.2.1. Impact per the provider...
CVE-2025-22758 WordPress Elementor AI Addons plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harnani Elementor AI Addons ai-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through = 2.2.1...
CVE-2025-22781 WordPress Nativery Plugin plugin <= 0.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through = 0.1.6...
CVE-2025-22793 WordPress Bold pagos en linea Plugin <= 3.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bold Bold pagos en linea bold-pagos-en-linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through = 3.1.4...
CVE-2025-22793
CVE-2025-22793 affects the WordPress plugin Bold pagos en linea (bold-pagos-en-linea). Description confirms a DOM-Based XSS due to improper input neutralization, impacting Bold pagos en linea versions up to and including 3.1.4. Public corpus in connected documents indicates the vulnerability exis...
PT-2025-4663 · WordPress · Wp Viewstl
Name of the Vulnerable Software and Affected Versions: WP ViewSTL versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially inject malicious scripts into...
PT-2025-4703 · Unknown · Bold Pagos En Linea
Name of the Vulnerable Software and Affected Versions: Bold pagos en linea versions prior to 3.1.0 Description: The issue is related to improper neutralization of input during web page generation, allowing DOM-Based XSS. This enables attackers to inject malicious scripts into the website,...