Lucene search
K

852 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.6 views

CVE-2025-23679

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through = 1.0.0...

7.1CVSS7.2AI score0.0036EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:39 a.m.12 views

CVE-2022-35851

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting XSS attack via configuring a specially crafted IP Address...

8CVSS5.5AI score0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.4 views

WordPress plugin Famous 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.11 views

PT-2026-2195

Name of the Vulnerable Software and Affected Versions pencilwp X Addons for Elementor versions through 1.0.23 Description An issue exists in pencilwp X Addons for Elementor that allows for DOM-Based Cross-site Scripting XSS. This is due to improper neutralization of input during web page...

6.5CVSS6.6AI score0.00175EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.4 views

PT-2026-1926

Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...

7.1CVSS6.1AI score0.00194EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.5 views

WordPress plugin WP App Bar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.7 views

PT-2026-1653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...

7.1CVSS6.4AI score0.00146EPSS
Exploits0References2
OSV
OSV
added 2026/01/06 9:15 p.m.6 views

CVE-2025-13744

An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...

5.4CVSS5.7AI score0.00182EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.7 views

PT-2026-1281

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

6.5CVSS6.4AI score0.00135EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/01 12:17 p.m.8 views

CVE-2025-62752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 12:17 p.m.10 views

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

6.5CVSS5.9AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 9:12 a.m.8 views

CVE-2025-62759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through = 2.0.1...

6.5CVSS5.9AI score0.00141EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 9:30 p.m.4 views

EUVD-2025-206070

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/31 11:53 a.m.4 views

EUVD-2025-205920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

6.5CVSS5.9AI score0.00173EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/31 11:50 a.m.4 views

EUVD-2025-205922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0...

6.5CVSS5.5AI score0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.4 views

PT-2025-54327

Name of the Vulnerable Software and Affected Versions Wayne Allen Postie versions through 1.9.73 Description The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

WordPress plugin和WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

7.1CVSS5.7AI score0.00149EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.5 views

PT-2025-54401

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2...

7.1CVSS7.9AI score0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.7 views

WordPress plugin Audiomack 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

WordPress plugin Content Fetcher 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder