EUVD-2025-5716

Malicious code in bioql PyPI...

EUVD-2025-3591

Malicious code in bioql PyPI...

CVE-2025-8079 Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS. This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...

PT-2025-39053

Name of the Vulnerable Software and Affected Versions PenciDesign Penci Filter Everything affected versions not specified Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue...

CVE-2025-58867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Download Media Counter easy-download-media-counter allows Stored XSS.This issue affects Easy Download Media Counter: from n/a through = 1.2...

WordPress plugin Inspectlet User Session Recording and Heatmaps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

CVE-2025-6948

Summary: CVE-2025-6948 affects GitLab CE/EE releases prior to 17.11.6, 18.0.4, and 18.1.2. The issue is due to improper handling of input that, under certain conditions, could allow an attacker to execute actions on behalf of users by injecting malicious content (a cross-site scripting scenario)....

CVE-2025-27361

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thhake Photo Express for Google photo-express-for-google allows Reflected XSS.This issue affects Photo Express for Google: from n/a through = 0.3.2...

CVE-2025-31925 WordPress SHOUT plugin <= 3.5.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup SHOUT lbg-audio8-html5-radioads allows Reflected XSS.This issue affects SHOUT: from n/a through = 3.5.3...

CVE-2024-38866 Livestatus Injection in dynmaps

Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection...

CVE-2024-52345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RobertoAlicata raqrcode ra-qrcode allows Stored XSS.This issue affects raqrcode: from n/a through = 2.1.0...

CVE-2024-43262

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8...

CVE-2024-25934

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FormFacade allows Stored XSS.This issue affects FormFacade: from n/a through 1.0.0...

CVE-2024-7269

Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...

CVE-2024-34413

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SliceWP allows Stored XSS.This issue affects SliceWP: from n/a through 1.1.10...

CVE-2024-44058

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CryoutCreations Parabola allows Stored XSS.This issue affects Parabola: from n/a through 2.4.1...

CVE-2024-52493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...

CVE-2024-51574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Simple Goods Simple Goods simple-goods allows Stored XSS.This issue affects Simple Goods: from n/a through = 0.1.3...

CVE-2021-4176

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

CVE-2025-39407

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caseproof, LLC Memberpress allows Reflected XSS.This issue affects Memberpress: from n/a before 1.12.0...