852 matches found
CVE-2025-23679
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through = 1.0.0...
CVE-2022-35851
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting XSS attack via configuring a specially crafted IP Address...
WordPress plugin Famous 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-2195
Name of the Vulnerable Software and Affected Versions pencilwp X Addons for Elementor versions through 1.0.23 Description An issue exists in pencilwp X Addons for Elementor that allows for DOM-Based Cross-site Scripting XSS. This is due to improper neutralization of input during web page...
PT-2026-1926
Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...
WordPress plugin WP App Bar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...
CVE-2025-13744
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...
PT-2026-1281
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...
CVE-2025-62752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...
CVE-2025-62757
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...
CVE-2025-62759
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through = 2.0.1...
EUVD-2025-206070
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0...
EUVD-2025-205920
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...
EUVD-2025-205922
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0...
PT-2025-54327
Name of the Vulnerable Software and Affected Versions Wayne Allen Postie versions through 1.9.73 Description The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...
WordPress plugin和WordPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-54401
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2...
WordPress plugin Audiomack 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Content Fetcher 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...