2583 matches found
CVE-2025-69275 Spectrum outdated java library in class-path
Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier...
CVE-2021-31673
A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...
CVE-2021-22993
On BIG-IP Advanced WAF and BIG-IP ASM versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, DOM-based XSS on DoS Profile properties page. Note: Software versions which have reached End of Software Development EoSD are no...
CVE-2020-7239
The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent...
CVE-2025-23896
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...
CVE-2025-23830
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jobair JB Horizontal Scroller News Ticker jb-horizontal-scroller-news-ticker allows DOM-Based XSS.This issue affects JB Horizontal Scroller News Ticker: from n/a through = 1.0...
CVE-2025-23641
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PowieT Powie's pLinks PagePeeker plinks allows DOM-Based XSS.This issue affects Powie's pLinks PagePeeker: from n/a through = 1.0.2...
CVE-2025-23892
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through = 0.9.3...
CVE-2025-23856
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Odyno Simple Vertical Timeline simple-vertical-timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through = 0.1...
CVE-2025-23642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pflonk Sidebar-Content from Shortcode sidebar-content-from-shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through = 2.0...
CVE-2025-23987
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codegearthemes Designer designer allows DOM-Based XSS.This issue affects Designer: from n/a through = 1.6.4...
CVE-2025-23831
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mobstac QR Code Generator qrcode-wprhe allows DOM-Based XSS.This issue affects QR Code Generator: from n/a through = 1.2.6...
CVE-2025-23893
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...
CVE-2025-23644
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in justin.kuepper QuoteMedia Tools quotemedia-tools allows DOM-Based XSS.This issue affects QuoteMedia Tools: from n/a through = 1.0...
CVE-2026-22518
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows DOM-Based XSS.This issue affects X Addons for Elementor: from n/a through = 1.0.23...
CVE-2026-22518
CVE-2026-22518 : The X Addons for Elementor plugin is affected by a DOM-based XSS vulnerability (Improper Neutralization of Input During Web Page Generation). The CVE covers X Addons for Elementor versions
CVE-2025-68890
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hands01 e-shops e-shops-cart2 allows DOM-Based XSS.This issue affects e-shops: from n/a through = 1.0.4...
CVE-2025-68867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anibalwainstein Effect Maker effect-maker allows DOM-Based XSS.This issue affects Effect Maker: from n/a through = 1.2.1...
CVE-2024-31088
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPShop.Ru AdsPlace'r – Ad Manager, Inserter, AdSense Ads allows DOM-Based XSS.This issue affects AdsPlace'r – Ad Manager, Inserter, AdSense Ads: from n/a through 1.1.5...
CVE-2019-16414
A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure= URI...