CVE-2024-31088

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...

CVE-2024-30547

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Shazdeh Header Image Slider header-image-slider allows DOM-Based XSS.This issue affects Header Image Slider: from n/a through 0.3...

WordPress plugin X Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2019-16414

A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure= URI...

CVE-2024-2666

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Bullet List Widget in all versions up to, and including, 4.10.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-30547

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Shazdeh Header Image Slider header-image-slider allows DOM-Based XSS.This issue affects Header Image Slider: from n/a through 0.3...

CVE-2024-31088 WordPress AdsPlace'r – Ad Manager, Inserter, AdSense Ads plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...

CVE-2024-31088 WordPress AdsPlace'r – Ad Manager, Inserter, AdSense Ads plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...

CVE-2025-69360 WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for WPBakery thegem-elements allows DOM-Based XSS.This issue affects TheGem Theme Elements for WPBakery: from n/a through = 5.11.0...

CVE-2024-23511

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

SUSE CVE-2025-67495

ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the postlogoutredirect GET parameter. As a result, unauthenticate...

PT-2026-1493

Name of the Vulnerable Software and Affected Versions WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads versions through 1.1.5 Description The software contains a flaw related to improper input handling during web page creation, leading to a DOM-Based Cross-site Scripting XSS condition. Th...

PT-2026-1487

Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Theme Elements for WPBakery versions through 5.11.0 Description TheGem Theme Elements for WPBakery contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS...

WordPress plugin TheGem Theme Elements (for WPBakery) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2024-30461

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11...

EUVD-2024-28382

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11...

CVE-2024-30461 WordPress Tumult Hype Animations plugin <= 1.9.11 - CSRF to XSS vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11...

CVE-2023-49186

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...

CVE-2024-23511

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

CVE-2024-23511 WordPress The Plus Addons for Elementor plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...