PT-2025-29860 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: Adobe Experience Manager is susceptible to a DOM-based Cross-Site Scripting XSS issue. A low privileged attacker could exploit this issue by manipulating the DOM environment to...

PT-2025-29859 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: Adobe Experience Manager is susceptible to a DOM-based Cross-Site Scripting XSS issue. A low privileged attacker could exploit this issue by manipulating the DOM environment to...

CVE-2025-49247

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmoreira Team Showcase team-showcase-cm allows DOM-Based XSS.This issue affects Team Showcase: from n/a through 25.05.13...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-30983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...

CVE-2025-24764

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A. Jones Simply Guest Author Name guest-author-name allows DOM-Based XSS.This issue affects Simply Guest Author Name: from n/a through = 4.36...

CVE-2025-49247

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmoreira Team Showcase team-showcase-cm allows DOM-Based XSS.This issue affects Team Showcase: from n/a through 25.05.13...

CVE-2025-30983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-24764

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A. Jones Simply Guest Author Name guest-author-name allows DOM-Based XSS.This issue affects Simply Guest Author Name: from n/a through = 4.36...

CVE-2025-30983 WordPress Card flip image slideshow plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through = 1.5...

CVE-2025-30983

CVE-2025-30983 affects the gopiplus Card flip image slideshow (WordPress plugin) with versions 1.5 and earlier. The vulnerability is DOM-based XSS caused by improper input neutralization during web page generation. Public sources indicate the issue exists and is currently unpatched; no confirmed ...

CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-24764

The CVE-2025-24764 entry pertains to the WordPress plugin “(Simply) Guest Author Name” (versions up to 4.36) and describes a DOM-based Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Public sources in the connected docs indicate this is...

PT-2025-27919 · Unknown · Cmoreira Team Showcase

Name of the Vulnerable Software and Affected Versions: cmoreira Team Showcase affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attack...

PT-2025-27872 · Unknown · Guest Author Name

Name of the Vulnerable Software and Affected Versions: Simply Guest Author Name versions n/a through 4.36 Description: The issue is related to improper neutralization of input during web page generation, which allows DOM-Based XSS. This enables potential attackers to execute malicious scripts in...

CVE-2025-53275

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VaultDweller Leyka leyka allows DOM-Based XSS.This issue affects Leyka: from n/a through = 3.32.1...

CVE-2025-53279

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.4...

CVE-2025-53292

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in samsk WP DataTable wp-datatable allows DOM-Based XSS.This issue affects WP DataTable: from n/a through = 0.2.7...

CVE-2025-53202

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows DOM-Based XSS.This issue affects Responsive Blocks: from n/a through = 2.0.6...