2584 matches found
CVE-2025-47507 WordPress Better Search <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Better Search allows DOM-Based XSS. This issue affects Better Search: from n/a through 4.1.0...
CVE-2025-47507 WordPress Better Search plugin <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Better Search better-search allows DOM-Based XSS.This issue affects Better Search: from n/a through = 4.1.0...
CVE-2025-47507
CVE-2025-47507 affects WordPress plugin Better Search (versions ≤ 4.1.0). It describes a DOM-based XSS due to improper neutralization of input during web page generation. Affected product/versions: Better Search for WordPress, from n/a through 4.1.0. Impact details are limited to the XSS class as...
CVE-2025-47506
CVE-2025-47506 (WordPress Contextual Related Posts) is a DOM-based XSS caused by improper input neutralization during page generation, affecting Contextual Related Posts versions n/a–4.0.2. It is not an active exploit entry in public docs; a patch exists and upgrading to a version newer than 4.0....
CVE-2025-47506 WordPress Contextual Related Posts plugin <= 4.0.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Contextual Related Posts contextual-related-posts allows DOM-Based XSS.This issue affects Contextual Related Posts: from n/a through = 4.0.2...
CVE-2025-47501 WordPress Content Control plugin <= 2.6.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daniel Iser Content Control content-control allows DOM-Based XSS.This issue affects Content Control: from n/a through = 2.6.1...
CVE-2025-47497 WordPress Logo Showcase plugin <= 3.0.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Logo Showcase logo-showcase allows DOM-Based XSS.This issue affects Logo Showcase: from n/a through = 3.0.4...
CVE-2025-47493
CVE-2025-47493 : WordPress plugin Ultimate Blocks (Ultimate Blocks) contains a DOM-based XSS due to improper input neutralization during web page generation. Affected versions are n/a through 3.2.9. The CVSS vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) yields a base score of 6.5 (Medium). Exploit...
CVE-2025-47476 WordPress Cost Calculator for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org Cost Calculator for Elementor cost-calculator-for-elementor allows DOM-Based XSS.This issue affects Cost Calculator for Elementor: from n/a through = 1.3.3...
CVE-2025-47476 WordPress Cost Calculator for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org Cost Calculator for Elementor cost-calculator-for-elementor allows DOM-Based XSS.This issue affects Cost Calculator for Elementor: from n/a through = 1.3.3...
CVE-2025-47476
CVE-2025-47476 pertains to the WordPress plugin Cost Calculator for Elementor. It describes a DOM-Based XSS due to improper input neutralization during web page generation, affecting Cost Calculator for Elementor versions up to 1.3.3. The vulnerability is categorized as XSS with a medium base sco...
PT-2025-20125 · Code Atlantic · Code Atlantic Content Control
Name of the Vulnerable Software and Affected Versions: Code Atlantic Content Control versions n/a through 2.6.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS attacks. This means that an attacker could potentially...
PT-2025-20106 · Elementor · Cost Calculator For Elementor
Name of the Vulnerable Software and Affected Versions: Cost Calculator for Elementor versions 1.3.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows for DOM-Based XSS. This means that an...
PT-2025-20137 · Unknown · Seb Wp Dpe-Ges
Name of the Vulnerable Software and Affected Versions: Seb WP DPE-GES versions 1.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker could...
PT-2025-20166 · Unknown · Ebook Store
Name of the Vulnerable Software and Affected Versions: Ebook Store versions n/a through 5.8007 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker could...
PT-2025-20130 · Unknown · Contextual Related Posts
Name of the Vulnerable Software and Affected Versions: Ajay Contextual Related Posts versions n/a through 4.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an...
PT-2025-20131 · Unknown · Ajay Better Search
Name of the Vulnerable Software and Affected Versions: Ajay Better Search versions n/a through 4.1.0 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. Recommendations: For versions...
PT-2025-20114 · Unknown · Bold Page Builder
Name of the Vulnerable Software and Affected Versions: Bold Page Builder versions through 5.3.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This enables potential attackers to...
CVE-2025-46534
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DanielRiera Image Style Hover image-content-show-hover allows DOM-Based XSS.This issue affects Image Style Hover: from n/a through = 1.0.6...
CVE-2025-46471
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through = 1.0.1...