CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-28057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Anti-Spam: from n/a through = 1.2.62...

5.8AI score0.00142EPSS

Positive Technologies•added 2026/03/25 12:0 a.m.•5 views

PT-2026-28035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows DOM-Based XSS.This issue affects WP Custom Admin Interface: from n/a through = 7.42...

5.8AI score0.00161EPSS

Positive Technologies•added 2026/03/25 12:0 a.m.•5 views

PT-2026-27875

Name of the Vulnerable Software and Affected Versions UpSolution Core versions through 8.41 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows for the execution of...

7.1CVSS6.1AI score0.0018EPSS

EUVD•added 2026/03/20 12:31 p.m.•4 views

EUVD-2024-29030

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Vasilis Triantafyllou Special Box for Content allows DOM-Based XSS.This issue affects Special Box for Content: from n/a through 1...

5.9CVSS5.8AI score0.00199EPSS

EUVD•added 2026/03/19 9:30 a.m.•3 views

EUVD-2025-208858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through 5.4.2...

7.1CVSS5.8AI score0.00145EPSS

ATTACKERKB•added 2026/03/19 8:43 a.m.•1 views

CVE-2026-27070

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPEverest Everest Forms Pro allows Stored XSS.This issue affects Everest Forms Pro: from n/a through 1.9.10...

7.1CVSS5.8AI score0.00145EPSS

Positive Technologies•added 2026/03/19 12:0 a.m.•3 views

PT-2026-26267

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder allows Reflected XSS.This issue affects tagDiv Opt-In Builder: from n/a through 1.7.3...

7.1CVSS5.8AI score0.0019EPSS

ATTACKERKB•added 2026/03/18 1:49 p.m.•0 views

CVE-2026-3278

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ ZENworks Service Desk allows Cross-Site Scripting XSS. The vulnerability could allow an attacker to execute arbitrary JavaScript leading to unauthorized actions on behalf of the user.This...

7.4CVSS6AI score0.00137EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/03/18 12:0 a.m.•3 views

PT-2026-26064

7.4CVSS6.1AI score0.00137EPSS

Exploits0References4

CNVD•added 2026/03/17 12:0 a.m.•3 views

Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2026-14601)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in Fortinet FortiSandbox. The...

4.8CVSS5.8AI score0.00306EPSS

Positive Technologies•added 2026/03/16 12:0 a.m.•4 views

PT-2026-25751

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flexmls Flexmls® IDX allows Reflected XSS.This issue affects Flexmls® IDX: from n/a through 3.15.9...

7.1CVSS5.8AI score0.00149EPSS

NVD•added 2026/03/13 7:55 p.m.•6 views

CVE-2026-32424

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Sprout Clients sprout-clients allows Stored XSS.This issue affects Sprout Clients: from n/a through = 3.2.2...

6.5CVSS0.00161EPSS

NVD•added 2026/03/13 7:53 p.m.•2 views

CVE-2025-12453

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...

6.1CVSS0.00181EPSS

Cvelist•added 2026/03/13 6:30 p.m.•22 views

CVE-2025-12453 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica.

5.1CVSS0.00181EPSS

ATTACKERKB•added 2026/03/13 6:30 p.m.•3 views

CVE-2025-12454

5.1CVSS5.6AI score0.00181EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/13 6:30 p.m.•3 views

CVE-2025-12454 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica.

5.1CVSS5.6AI score0.00181EPSS

CVE•added 2026/03/13 11:42 a.m.•8 views

CVE-2026-32360

CVE-2026-32360 affects the WordPress Rich Showcase for Google Reviews plugin (widget-google-reviews) up to version 6.9.4.3. Root cause: improper neutralization of input during web page generation, enabling a Stored XSS vulnerability. Affected scope is described as Rich Showcase for Google Reviews...

5.9CVSS5.8AI score0.00183EPSS

Positive Technologies•added 2026/03/13 12:0 a.m.•5 views

PT-2026-25304

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact...

5.8AI score0.00137EPSS