CVE-2026-32403

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Companion: from n/a through = 1.194...

CVE-2026-32454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through 5.15.0...

CVE-2026-31918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in immonex immonex Kickstart immonex-kickstart allows Stored XSS.This issue affects immonex Kickstart: from n/a through = 1.13.0...

CVE-2025-12454

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...

CVE-2025-2274

Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security On-Prem on Windows allows Stored XSS.This issue affects Web Security through 8.5.6...

CVE-2026-25369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flexmls Flexmls® IDX flexmls-idx allows Reflected XSS.This issue affects Flexmls® IDX: from n/a through = 3.15.9...

CVE-2026-2266

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list content. The task list content extraction logic did not properly re-encode browser-decoded text nodes before rendering, allowing user-supplied HTM...

EUVD-2026-15919

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.15.0...

EUVD-2026-15771

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through = 1.3.1...

EUVD-2026-15665

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Miti miti allows Reflected XSS.This issue affects Miti: from n/a through 1.5.3...

EUVD-2026-15615

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WHMCSdes Phox Hosting phox-host allows Reflected XSS.This issue affects Phox Hosting: from n/a through = 2.0.8...

EUVD-2026-15451

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...

EUVD-2026-15469

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

CVE-2026-32545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

CVE-2026-32518

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...

CVE-2026-32517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kleor Contact Manager contact-manager allows Reflected XSS.This issue affects Contact Manager: from n/a through = 9.1...

CVE-2026-25353

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Nooni nooni allows Reflected XSS.This issue affects Nooni: from n/a through 1.5.1...

CVE-2026-25306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through = 5.6.4...

CVE-2026-24983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through = 8.41...

CVE-2025-69096

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Zorka zorka allows Reflected XSS.This issue affects Zorka: from n/a through = 1.5.7...