5661 matches found
PT-2025-39620
Name of the Vulnerable Software and Affected Versions Alex Moss Google+ Comments versions through 1.0 Description The software contains a flaw related to improper input handling during web page generation, specifically a Cross-site Scripting issue. This allows for Stored XSS attacks. The issue...
PT-2025-39538
Name of the Vulnerable Software and Affected Versions wp-mpdf versions through 3.9.1 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting XSS. This allows for the injection of malicious...
PT-2025-39552
Name of the Vulnerable Software and Affected Versions metaphorcreations Ditty versions through 3.1.58 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This could allow an attacker to inje...
WordPress plugin SEO Search Permalink 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...
WordPress plugin Traveler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-39548
Name of the Vulnerable Software and Affected Versions Woostify versions through 2.4.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This allows for the injection of malicious...
WordPress plugin User Notes 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...
PT-2025-39615
Name of the Vulnerable Software and Affected Versions rozx Recaptcha – wp versions through 0.2.6 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-Site Scripting XSS. This means that malicious scripts can be...
WordPress plugin Uncode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based...
PROLIZ Student Information System 跨站脚本漏洞
PROLIZ Student Information System is a student information management system from the Turkish company PROLIZ. A cross-site scripting vulnerability exists in PROLIZ Student Information System versions prior to v25.0401, which stems from improper input neutralization during web page generation and...
CVE-2025-58646
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chtombleson Mobi2Go mobi2go allows Stored XSS.This issue affects Mobi2Go: from n/a through = 1.0.0...
CVE-2025-57901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DAEXT Import Markdown allows Stored XSS. This issue affects Import Markdown: from n/a through 1.14...
CVE-2025-57996
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in matthewordie Buckets buckets allows Stored XSS.This issue affects Buckets: from n/a through = 0.3.9...
CVE-2025-57965
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP CodeUs WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3...
CVE-2025-53458
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in davaxi Goracash goracash allows Stored XSS.This issue affects Goracash: from n/a through = 1.1...
CVE-2025-53467
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Login-Logout login-logout allows Stored XSS.This issue affects Login-Logout: from n/a through = 3.8...
CVE-2025-8079
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS.This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...
Basarsoft Netigma 跨站脚本漏洞
Basarsoft Netigma is a Geographic Information System GIS from Basarsoft Turkey. A cross-site scripting vulnerability exists in Basarsoft Netigma versions 6.3.3 through 6.3.5 prior to V8, which stems from improper input neutralization during web page generation and could lead to a stored cross-sit...
CVE-2025-59590
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through = 3.28...
CVE-2025-59586
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Portfolio penci-portfolio allows DOM-Based XSS.This issue affects Penci Portfolio: from n/a through = 3.5...