Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4380 matches found

Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.2 views

PT-2025-50044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows DOM-Based XSS.This issue affects Ronneby Theme Core: from n/a through = 1.5.68...

6.4AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-50075

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in muffingroup Betheme betheme allows DOM-Based XSS.This issue affects Betheme: from n/a through = 28.1.7...

6.5CVSS6.4AI score0.00161EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/12/09 12:0 a.m.5 views

WordPress plugin Betheme 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.5CVSS6AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.2 views

PT-2025-50048

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows DOM-Based XSS.This issue affects ListingPro: from n/a through = 2.9.9...

6.4AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-49923

CVE-2025-67549 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik:… https://t.co/n89C6BHSeV...

6.5CVSS6.4AI score0.00161EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/12/09 12:0 a.m.4 views

WordPress plugin Xpro Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

6.5CVSS5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-50046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows DOM-Based XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

6.4AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.5 views

PT-2025-50047

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in averta Master Slider Pro masterslider allows DOM-Based XSS.This issue affects Master Slider Pro: from n/a through = 3.7.12...

6.4AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.4 views

PT-2025-50057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through = 2.3.6...

6.4AI score0.00231EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-50278

Name of the Vulnerable Software and Affected Versions ZITADEL versions 4.0.0-rc.1 through 4.7.0 Description ZITADEL, an open-source identity infrastructure tool, is susceptible to a DOM-Based Cross-Site Scripting XSS issue through the Zitadel V2 logout endpoint. The /logout API endpoint insecurel...

8CVSS6.3AI score0.00261EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.6 views

PT-2025-49927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...

6.5CVSS6.4AI score0.00161EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/11/22 12:34 p.m.8 views

CVE-2025-66091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows DOM-Based XSS.This issue affects Stylish Cost Calculator: from n/a through = 8.1.5...

6.5CVSS6.3AI score0.00132EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/11/22 12:33 p.m.7 views

CVE-2025-66090

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Skill Bar skt-skill-bar allows DOM-Based XSS.This issue affects SKT Skill Bar: from n/a through = 2.5...

6.5CVSS6.3AI score0.00132EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/21 3:31 p.m.16 views

EUVD-2025-198455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

5.9AI score0.00132EPSS
Exploits0References2
EUVD
EUVDadded 2025/11/21 3:31 p.m.2 views

EUVD-2025-198474

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FunnelKit Funnel Builder by FunnelKit funnel-builder allows DOM-Based XSS.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.13.1.2...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References2
NVD
NVDadded 2025/11/21 1:15 p.m.14 views

CVE-2025-66090

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Skill Bar skt-skill-bar allows DOM-Based XSS.This issue affects SKT Skill Bar: from n/a through = 2.5...

6.5CVSS0.00132EPSS
Exploits0References1
NVD
NVDadded 2025/11/21 1:15 p.m.4 views

CVE-2025-66091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows DOM-Based XSS.This issue affects Stylish Cost Calculator: from n/a through = 8.1.5...

6.5CVSS0.00132EPSS
Exploits0References1
NVD
NVDadded 2025/11/21 1:15 p.m.18 views

CVE-2025-66093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/21 12:29 p.m.1 views

CVE-2025-66093 WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS6AI score0.00132EPSS
Exploits0References1
CVE
CVEadded 2025/11/21 12:29 p.m.11 views

CVE-2025-66093

The CVE-2025-66093 entry concerns the WordPress plugin Extensions for Leaflet Map (extensions-leaflet-map). The issue is a DOM-based XSS caused by improper input neutralization during web page generation, affecting Extensions for Leaflet Map versions up to 4.8. Wordfence notes this vulnerability ...

6.5CVSS6AI score0.00132EPSS
Exploits0References1
Rows per page
Query Builder