CVE-2024-51674 WordPress Sastra Essential Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fast Themes Sastra Essential Addons for Elementor sastra-essential-addons-for-elementor allows DOM-Based XSS.This issue affects Sastra Essential Addons for Elementor: from n/a through = 1.0.5...

PT-2024-34731 · Themehat · Themehat Super Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Themehat Super Addons for Elementor versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for DOM-Based XSS in Themehat...

PT-2024-34818

Name of the Vulnerable Software and Affected Versions HasThemes HT Politic versions n/a through 2.4.4 Description The issue is related to improper neutralization of input during web page generation, allowing DOM-Based XSS. This is a type of Cross-site Scripting vulnerability. Recommendations For...

PT-2024-34745 · Unknown · Nmr Strava Activities

Name of the Vulnerable Software and Affected Versions: NMR Strava activities versions 1.0.0 through 1.0.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. Specifically, it is a DOM-Based XSS vulnerability. Th...

PT-2024-34732 · Unknown · Bigmart Elements

Name of the Vulnerable Software and Affected Versions: Bigmart Elements versions n/a through 1.0.3 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for DOM-Based XSS attacks. Recommendations: F...

PT-2024-34819 · Unknown · Sastra Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Sastra Essential Addons for Elementor versions 1.0.0 through 1.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. Specifically, it is a DOM-Based XSS...

CVE-2024-49524

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

CVE-2024-49524

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

CVE-2024-49524

CVE-2024-49524 affects Adobe Experience Manager versions 6.5.20 and earlier, with a DOM-based Cross-Site Scripting (XSS) vulnerability. By manipulating a DOM element through a crafted URL or user input, an attacker can inject scripts that execute in the victim’s browser context. Exploitation typi...

CVE-2024-49524 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

CVE-2024-49524 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

CVE-2024-10266 Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Premium Addons for Elementor plugin <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Video Box Widget vulnerability discovered by zer0gh0st in WordPress Plugin Premium Addons for Elementor versions = 4.10.60...

CVE-2024-50469

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brightvesseldev Textboxes textboxes allows DOM-Based XSS.This issue affects Textboxes: from n/a through = 0.1.3.1...

CVE-2024-50469

CVE-2024-50469 is a DOM-based XSS vulnerability in the WordPress Textboxes plugin (versions up to 0.1.3.1). The issue is described as Improper Neutralization of Input During Web Page Generation (XSS) affecting Textboxes; CVSS 3.1 base score 6.5 (Network, Low Privileges, User Interaction required,...

PT-2024-34245 · Unknown · Team Bright Vessel Textboxes

Name of the Vulnerable Software and Affected Versions: Team Bright Vessel Textboxes versions 0.1.3.1 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This is a DOM-Based XSS vulnerability...

CVE-2024-9650 WP Recipe Maker <= 9.6.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'tooltip'

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up to, and including, 9.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...

CVE-2024-8500 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 7.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2024-49241

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tady Tito tito allows DOM-Based XSS.This issue affects Tito: from n/a through = 2.3...

CVE-2024-49232

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Javier Loureiro El mejor Cluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through 1.1.15...