Lucene search
K

5661 matches found

Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.12 views

PT-2025-39620

Name of the Vulnerable Software and Affected Versions Alex Moss Google+ Comments versions through 1.0 Description The software contains a flaw related to improper input handling during web page generation, specifically a Cross-site Scripting issue. This allows for Stored XSS attacks. The issue...

5.9CVSS5.5AI score0.0017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.2 views

PT-2025-39538

Name of the Vulnerable Software and Affected Versions wp-mpdf versions through 3.9.1 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting XSS. This allows for the injection of malicious...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.5 views

PT-2025-39552

Name of the Vulnerable Software and Affected Versions metaphorcreations Ditty versions through 3.1.58 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This could allow an attacker to inje...

6.5CVSS6AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.3 views

WordPress plugin SEO Search Permalink 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.2 views

WordPress plugin Traveler 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.3 views

PT-2025-39548

Name of the Vulnerable Software and Affected Versions Woostify versions through 2.4.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This allows for the injection of malicious...

5.9CVSS6.1AI score0.0021EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.4 views

WordPress plugin User Notes 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

5.9CVSS5.6AI score0.0021EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.3 views

PT-2025-39615

Name of the Vulnerable Software and Affected Versions rozx Recaptcha – wp versions through 0.2.6 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-Site Scripting XSS. This means that malicious scripts can be...

5.9CVSS5.6AI score0.0017EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.3 views

WordPress plugin Uncode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based...

7.1CVSS5.9AI score0.00233EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.1 views

PROLIZ Student Information System 跨站脚本漏洞

PROLIZ Student Information System is a student information management system from the Turkish company PROLIZ. A cross-site scripting vulnerability exists in PROLIZ Student Information System versions prior to v25.0401, which stems from improper input neutralization during web page generation and...

8.9CVSS5.6AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:31 p.m.2 views

CVE-2025-58646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chtombleson Mobi2Go mobi2go allows Stored XSS.This issue affects Mobi2Go: from n/a through = 1.0.0...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.3 views

CVE-2025-57901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DAEXT Import Markdown allows Stored XSS. This issue affects Import Markdown: from n/a through 1.14...

6.5CVSS5.9AI score0.00039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.2 views

CVE-2025-57996

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in matthewordie Buckets buckets allows Stored XSS.This issue affects Buckets: from n/a through = 0.3.9...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.4 views

CVE-2025-57965

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP CodeUs WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3...

6.5CVSS5.2AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.4 views

CVE-2025-53458

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in davaxi Goracash goracash allows Stored XSS.This issue affects Goracash: from n/a through = 1.1...

5.9CVSS5.9AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.4 views

CVE-2025-53467

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Login-Logout login-logout allows Stored XSS.This issue affects Login-Logout: from n/a through = 3.8...

5.9CVSS5.9AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 9:23 a.m.12 views

CVE-2025-8079

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS.This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...

4.6CVSS6.5AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/23 12:0 a.m.6 views

Basarsoft Netigma 跨站脚本漏洞

Basarsoft Netigma is a Geographic Information System GIS from Basarsoft Turkey. A cross-site scripting vulnerability exists in Basarsoft Netigma versions 6.3.3 through 6.3.5 prior to V8, which stems from improper input neutralization during web page generation and could lead to a stored cross-sit...

8.9CVSS5.8AI score0.00252EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.2 views

CVE-2025-59590

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through = 3.28...

5.9CVSS0.0017EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.4 views

CVE-2025-59586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Portfolio penci-portfolio allows DOM-Based XSS.This issue affects Penci Portfolio: from n/a through = 3.5...

6.5CVSS0.00159EPSS
Exploits0References1
Rows per page
Query Builder