4380 matches found
CVE-2026-27059
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25305
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...
CVE-2026-25307
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...
CVE-2026-27069
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.7.2...
CVE-2026-27069 WordPress Soledad theme <= 8.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.7.2...
CVE-2026-27069
CVE-2026-27069 affects the WordPress Soledad theme
CVE-2026-27058
The CVE-2026-27058 entry concerns the WordPress Penci Podcast plugin (versions up to 1.7). The vulnerability is a client-side DOM-based Cross-Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation. Affected component is the plugin in the WordPress environm...
CVE-2026-27059 WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...
CVE-2026-27059
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...
CVE-2026-27059 WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...
CVE-2026-27058 WordPress Penci Podcast plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Podcast penci-podcast allows DOM-Based XSS.This issue affects Penci Podcast: from n/a through = 1.7...
CVE-2026-27059
CVE-2026-27059 affects the WordPress plugin Penci Recipe (penci-recipe) versions up to 4.1, enabling a DOM-based XSS due to improper input neutralization during web page generation. The issue is described across multiple sources as a cross-site scripting vulnerability in Penci Recipe, with an exp...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453
CVE-2026-25453 : DOM-based XSS in WordPress plugin Advanced iFrame (advanced-iframe) due to improper input neutralization during web page generation. Affected: Advanced iFrame versions up to 2025.10. The CVSS v3.1 base score is 6.5 (Medium). Exploitation details are not provided in the documents;...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25343 WordPress WP SMS plugin <= 7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue affects WP SMS: from n/a through = 7.1...
CVE-2026-25343
CVE-2026-25343 is a DOM-based XSS in the VeronaLabs WP SMS wp-sms WordPress plugin (
CVE-2026-25331
CVE-2026-25331 describes a DOM-based XSS in the WordPress plugin WP Activity Log (Melapress WP Activity Log) through improper input neutralization during web page generation. Affected range is WP Activity Log versions up to and including 5.5.4. The advisory notes this is a cross-site scripting vu...
CVE-2026-25331 WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...