Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5651 matches found

NVD
NVDadded 2026/03/25 4:16 p.m.4 views

CVE-2026-3217

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting XSS.This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3...

6.1CVSS0.00193EPSS
Exploits0References1
NVD
NVDadded 2026/03/25 4:16 p.m.2 views

CVE-2026-2349

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal UI Icons allows Cross-Site Scripting XSS.This issue affects UI Icons: from 0.0.0 before 1.0.1, from 1.1.0 before 1.1.1...

6.1CVSS0.00149EPSS
Exploits0References1
CVE
CVEadded 2026/03/25 4:15 p.m.11 views

CVE-2026-32518

CVE-2026-32518 affects the WordPress Gaea theme (imithemes Gaea) prior to version 3.8. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affected component is the theme code handling user-supplied input; impact is...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/25 4:14 p.m.0 views

CVE-2026-32494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.8AI score0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/03/25 4:14 p.m.3 views

CVE-2026-25465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.37...

6.5CVSS5.2AI score0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.5 views

CVE-2026-25461 WordPress Listeo Core plugin <= 2.0.21 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through = 2.0.21...

5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.3 views

CVE-2026-25417 WordPress ProfileGrid plugin <= 5.9.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through = 5.9.8.1...

6.5CVSS5.8AI score0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.0 views

CVE-2026-25373 WordPress Vayvo - Media Streaming & Membership WordPress Theme theme < 6.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProgressionStudios Vayvo vayvo-progression allows Reflected XSS.This issue affects Vayvo: from n/a through 6.8...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 4:14 p.m.25 views

CVE-2026-25354 WordPress Reebox theme < 1.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Reebox reebox allows Reflected XSS.This issue affects Reebox: from n/a through 1.4.8...

7.1CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.0 views

CVE-2026-25354 WordPress Reebox theme < 1.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Reebox reebox allows Reflected XSS.This issue affects Reebox: from n/a through 1.4.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.1 views

CVE-2026-25352 WordPress MyDecor theme < 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup MyDecor mydecor allows Reflected XSS.This issue affects MyDecor: from n/a through 1.5.9...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
CVE
CVEadded 2026/03/25 4:14 p.m.23 views

CVE-2026-25350

CVE-2026-25350 is a Reflected XSS vulnerability in the Miti WordPress theme (Miti miti) affecting versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.0 views

CVE-2026-25304 WordPress Jaroti theme < 1.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Jaroti jaroti allows Reflected XSS.This issue affects Jaroti: from n/a through 1.4.8...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 4:14 p.m.22 views

CVE-2026-24983 WordPress UpSolution Core plugin <= 8.41 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through = 8.41...

7.1CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.4 views

PT-2026-27971

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through = 1.3.1...

5.8AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.3 views

PT-2026-27956

Name of the Vulnerable Software and Affected Versions Listeo Core versions through 2.0.21 Description The software contains a flaw due to improper handling of input when creating web pages, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to inject malicious...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.3 views

PT-2026-28058

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...

5.8AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.1 views

PT-2026-27895

Name of the Vulnerable Software and Affected Versions Jaroti versions prior to 1.4.8 Description An issue exists in Jaroti that allows for Reflected Cross-Site Scripting XSS. This occurs due to improper handling of user-supplied input during web page generation. The vulnerability allows an attack...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.3 views

PT-2026-27868

Name of the Vulnerable Software and Affected Versions NooTheme Organici Library versions n/a through 2.1.2 Description The software contains a flaw due to improper handling of input during the creation of web pages, leading to a 'cross-site scripting' issue. This allows for reflected cross-site...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.1 views

PT-2026-27872

Name of the Vulnerable Software and Affected Versions NooTheme Jobica Core versions through 1.4.1 Description The software contains a flaw due to improper input handling during web page creation, which allows for Reflected Cross-Site Scripting XSS. This means a malicious actor could inject script...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References4
Rows per page
Query Builder