CVE-2025-67984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in calliko NPS computy nps-computy allows DOM-Based XSS.This issue affects NPS computy: from n/a through = 2.8.2...

CVE-2026-24949

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through = 5.7.1...

CVE-2026-24949 WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through = 5.7.1...

CVE-2025-67984

CVE-2025-67984 is a DOM-based XSS vulnerability in the WordPress plugin NPS computy (nps-computy) , affecting versions up through and including 2.8.2 . The connected Red Hat and CVE entries confirm the flaw is an input handling/neutralization issue during web page generation that enables cross-si...

CVE-2026-25305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

CVE-2026-27069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.7.2...

CVE-2026-27059 WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...

CVE-2026-27059 WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through = 4.1...

CVE-2026-27058 WordPress Penci Podcast plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Podcast penci-podcast allows DOM-Based XSS.This issue affects Penci Podcast: from n/a through = 1.7...

CVE-2026-27058

The CVE-2026-27058 entry concerns the WordPress Penci Podcast plugin (versions up to 1.7). The vulnerability is a client-side DOM-based Cross-Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation. Affected component is the plugin in the WordPress environm...

CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...

CVE-2026-25331

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

CVE-2026-25331 WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

CVE-2026-25307 WordPress XStore Core plugin < 5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

CVE-2026-25847

In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible...

CVE-2026-25847

In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible...

CVE-2026-25847

In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible...

WordPress Bold Page Builder plugin <= 5.5.3 - Authenticated (Author+) Stored DOM-based Cross-Site Scripting in Post Grid vulnerability

Authenticated Author+ Stored DOM-based Cross-Site Scripting in Post Grid vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Bold Page Builder versions = 5.5.3...

CVE-2026-24526

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Truman Email Inquiry & Cart Options for WooCommerce woocommerce-email-inquiry-cart-options allows DOM-Based XSS.This issue affects Email Inquiry & Cart Options for WooCommerce: from n/a throu...

CVE-2026-24621

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows DOM-Based XSS.This issue affects Terms descriptions: from n/a through = 3.4.9...