CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2583 matches found

RedhatCVE•added 2025/05/23 6:39 a.m.•6 views

CVE-2024-51824

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Karam Singh Advanced Video Player with Analytics advanced-video-player-with-analytics allows DOM-Based XSS.This issue affects Advanced Video Player with Analytics: from n/a through = 1...

6.5CVSS7.2AI score0.00361EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:39 a.m.•4 views

CVE-2024-51842

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sazzad Image Carousel Shortcode image-carousel-shortcode allows DOM-Based XSS.This issue affects Image Carousel Shortcode: from n/a through = 1.2...

6.5CVSS7.2AI score0.00374EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:39 a.m.•7 views

CVE-2024-51796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shahjahan Jewel Trendy Restaurant Menu trendy-restaurant-menu allows DOM-Based XSS.This issue affects Trendy Restaurant Menu: from n/a through = 1.0.0...

6.5CVSS7.2AI score0.00374EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:39 a.m.•4 views

CVE-2024-51873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Masashi Takizawa Multi-day Booking Calendar multi-day-booking-calendar allows DOM-Based XSS.This issue affects Multi-day Booking Calendar: from n/a through = 1.0.1...

6.5CVSS7.2AI score0.00302EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:27 a.m.•6 views

CVE-2024-52353

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gabriel Serafini Christian Science Bible Lesson Subjects christian-science-bible-lesson-subjects allows DOM-Based XSS.This issue affects Christian Science Bible Lesson Subjects: from n/a through =...

6.5CVSS7.2AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:27 a.m.•3 views

CVE-2024-52358

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through = 1.5.4...

6.5CVSS7.2AI score0.00258EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:27 a.m.•5 views

CVE-2024-51571

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in masterbip MasterBip para Elementor masterbip-for-elementor allows DOM-Based XSS.This issue affects MasterBip para Elementor: from n/a through = 1.6.3...

6.5CVSS5.9AI score0.00243EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:26 a.m.•5 views

CVE-2024-51674

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fast Themes Sastra Essential Addons for Elementor sastra-essential-addons-for-elementor allows DOM-Based XSS.This issue affects Sastra Essential Addons for Elementor: from n/a through = 1.0.5...

6.5CVSS5.9AI score0.00243EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:26 a.m.•6 views

CVE-2024-51603

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...

6.5CVSS5.9AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:26 a.m.•4 views

CVE-2024-51605

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genoo Genoo genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through = 6.0.10...

6.5CVSS5.9AI score0.00229EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:26 a.m.•9 views

CVE-2024-51588

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in riponhossain Super Addons for Elementor super-addons-for-elementor allows DOM-Based XSS.This issue affects Super Addons for Elementor: from n/a through = 1.0...

6.5CVSS5.9AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:25 a.m.•7 views

CVE-2024-51592

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mystical Themes Meta Store Elements meta-store-elements allows DOM-Based XSS.This issue affects Meta Store Elements: from n/a through = 1.0.9...

6.5CVSS5.9AI score0.00234EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:23 a.m.•5 views

CVE-2024-54360

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in premila Gutensee gutensee allows DOM-Based XSS.This issue affects Gutensee: from n/a through = 1.0.6...

6.5CVSS7.2AI score0.00376EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:17 a.m.•8 views

CVE-2024-50469

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brightvesseldev Textboxes textboxes allows DOM-Based XSS.This issue affects Textboxes: from n/a through = 0.1.3.1...

6.5CVSS5.9AI score0.00245EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:15 a.m.•3 views

CVE-2024-54277

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alireza Aliniya Nias course nias-course allows DOM-Based XSS.This issue affects Nias course: from n/a through = 1.2.10...

6.5CVSS7.2AI score0.00376EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:49 a.m.•9 views

CVE-2023-2317

DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a...

9.6CVSS6.2AI score0.02161EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:16 p.m.•6 views

CVE-2022-36325

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS...

6.8CVSS7AI score0.00794EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:7 p.m.•8 views

CVE-2021-40094

A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. If successfully exploited, this vulnerability may allow attackers to inject malicious code into a user's device...

5.4CVSS6.2AI score0.00458EPSS

Exploits0

RedhatCVE•added 2025/05/22 6:39 p.m.•16 views

CVE-2021-36760

In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code wi...

6.1CVSS6.3AI score0.00723EPSS

Exploits0References1

Vulnrichment•added 2025/05/22 5:29 p.m.•8 views

CVE-2025-48368 GroupOffice's DOM-Based XSS in all Date Input Fields Allows Arbitrary JavaScript Execution

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a DOM-based Cross-Site Scripting XSS vulnerability exists in the GroupOffice application, allowing attackers to execute arbitrary JavaScript code in the context of the victim'...

6.5CVSS5.7AI score0.00218EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by