CVE-2025-31027 WordPress Tiger theme <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0...

CVE-2025-23986

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fyrewurks Tiki Time allows Reflected XSS.This issue affects Tiki Time: from n/a through 1.3...

PT-2025-21977 · Woocommerce · Active Products Tables For Woocommerce

Name of the Vulnerable Software and Affected Versions: Active Products Tables for WooCommerce versions 1.0.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...

CVE-2025-1647

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...

WordPress plugin WP jQuery DataTable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

CVE-2025-46260

CVE-2025-46260 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Sky Addons for Elementor.” The issue arises from improper input neutralization during web page generation, enabling stored XSS. Affected products/versions: Sky Addons for Elementor versions n/a through 3....

WordPress plugin Peadig’s Google +1 Button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-27289 WordPress Restrict Taxonomies Plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Antoine Guillien Restrict Taxonomies restrict-taxonomies allows Reflected XSS.This issue affects Restrict Taxonomies: from n/a through = 1.3.3...

CVE-2025-32511

CVE-2025-32511 is a Reflected XSS in the WordPress plugin Make Email Customizer for WooCommerce (Excellent Dynamics) affecting versions up to 1.0.5. The vulnerability arises from improper neutralization of input during web page generation, enabling an attacker-supplied payload to be echoed in the...

CVE-2025-32564 WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tomroyal Stop Registration Spam stop-registration-spam allows Reflected XSS.This issue affects Stop Registration Spam: from n/a through = 1.24...

PT-2025-17156 · Unknown · Gb Gallery Slideshow

Name of the Vulnerable Software and Affected Versions: GB Gallery Slideshow versions 1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables potential attackers t...

CVE-2025-39582 WordPress WP Data Access plugin <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Passionate Programmer Peter WP Data Access wp-data-access allows DOM-Based XSS.This issue affects WP Data Access: from n/a through = 5.5.36...

WordPress plugin Mobile Smart 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2025-32211

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Broadstreet Broadstreet Ads broadstreet allows Stored XSS.This issue affects Broadstreet Ads: from n/a through = 1.52.1...

CVE-2025-31467

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miro.mannino Flickr Photostream flickr-photostream allows Reflected XSS.This issue affects Flickr Photostream: from n/a through = 3.1.8...

CVE-2025-31418

CVE-2025-31418 corresponds to a reflected XSS in the Gravel WordPress theme. Public material confirms Gravel versions up to 1.6 are affected. The CVSSv3.1 score in the provided data is 7.1 (High) with Network attack, user interaction required, and changes in confidentiality/integrity/availability...

GHSA-HPHM-3X7F-G875 Drupal Obfuscate Vulnerable to Stored Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Obfuscate allows Stored XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.1...

PT-2025-14727 · Adobe · Advanced Typekit

Name of the Vulnerable Software and Affected Versions: Advanced Typekit versions 1.0.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

CVE-2025-31441

CVE-2025-31441 describes a Reflected XSS in the WordPress Galleria plugin (wp-galleria). Public description states affected product: WordPress Galleria (wp-galleria), with vulnerable versions listed as from n/a through

CVE-2025-30778 WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VPSUForm v-form allows Reflected XSS.This issue affects VPSUForm: from n/a through = 3.1.9...