PT-2025-27195 · WordPress · Samsk Wp Datatable

Name of the Vulnerable Software and Affected Versions: samsk WP DataTable versions 0.2.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS in samsk WP DataTable...

PT-2025-27154 · Elementor · Ht Slider For Elementor

Name of the Vulnerable Software and Affected Versions: HT Slider For Elementor versions 1.6.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker...

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible...

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible...

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible...

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible...

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible...

CVE-2025-52875

JetBrains TeamCity before 2025.03.3 is affected by a DOM-based XSS on the Performance Monitor page. The vulnerability stems from insufficient filtering/escaping of user-supplied data, allowing an attacker to inject arbitrary JavaScript/HTML that runs in a victim’s browser. Impact is browser-level...

CVE-2025-52733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anonform Ab ANON::form embedded secure form anonform-embedded-secure-form allows DOM-Based XSS.This issue affects ANON::form embedded secure form: from n/a through = 1.7...

CVE-2025-50045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProWCPlugins Related Products Manager for WooCommerce related-products-manager-woocommerce allows DOM-Based XSS.This issue affects Related Products Manager for WooCommerce: from n/a through = 1.6.2...

CVE-2025-50030

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sparklewpthemes Spark Multipurpose spark-multipurpose allows DOM-Based XSS.This issue affects Spark Multipurpose: from n/a through = 1.0.7...

CVE-2025-50033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sparklewpthemes Fitness Park fitness-park allows DOM-Based XSS.This issue affects Fitness Park: from n/a through = 1.1.1...

PT-2025-26598 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2025.03.3 Description: A DOM-based XSS issue was found at the Performance Monitor page. Recommendations: For versions prior to 2025.03.3, update to version 2025.03.3 or later to resolve the issue...

CVE-2025-52552

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to...

CVE-2025-52552 FastGPT LastRoute Parameter on Login Page Vulnerable to Open Redirect and DOM-based XSS

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to...

CVE-2025-52552 FastGPT LastRoute Parameter on Login Page Vulnerable to Open Redirect and DOM-based XSS

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to...

CVE-2025-52552

CVE-2025-52552 concerns FastGPT, where the LastRoute Parameter on the login page, in versions prior to 4.9.12, is vulnerable to open redirects and DOM-based XSS due to improper validation and lack of sanitization. This can allow an attacker to execute malicious JavaScript or redirect users to att...

PT-2025-26492

Name of the Vulnerable Software and Affected Versions: FastGPT versions prior to 4.9.12 Description: The issue concerns the LastRoute Parameter on the login page, which is vulnerable to open redirect and DOM-based XSS due to improper validation and lack of sanitization. This allows attackers to...

CVE-2025-52733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anonform Ab ANON::form embedded secure form anonform-embedded-secure-form allows DOM-Based XSS.This issue affects ANON::form embedded secure form: from n/a through = 1.7...

CVE-2025-50045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProWCPlugins Related Products Manager for WooCommerce related-products-manager-woocommerce allows DOM-Based XSS.This issue affects Related Products Manager for WooCommerce: from n/a through = 1.6.2...