Lucene search
K

5662 matches found

NVD
NVD
added 2025/09/22 7:15 p.m.3 views

CVE-2025-57938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through = 1.9.0...

6.5CVSS0.00203EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:15 p.m.4 views

CVE-2025-57912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dialogity Dialogity Free Live Chat dialogity-website-chat allows Stored XSS.This issue affects Dialogity Free Live Chat: from n/a through = 1.0.3...

5.9CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:15 p.m.4 views

CVE-2025-53469

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mortgage Calculator BMI Adult & Kid Calculator bmi-adultkid-calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through = 1.2.2...

5.9CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:15 p.m.4 views

CVE-2025-53464

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Online Optimisation WP Mailto Links wp-mailto-links allows Stored XSS.This issue affects WP Mailto Links: from n/a through = 3.1.4...

5.9CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:25 p.m.25 views

CVE-2025-59587

CVE-2025-59587 is a DOM-based XSS in the WordPress plugin Penci Shortcodes & Performance. The vulnerability requires authenticated access (Contributor+), affects versions before the fix, and has a CVSS v3.1 base score of 6.5 (Medium). Wordfence indicates the issue is addressed in a 6.1+ release, ...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.9 views

CVE-2025-53467 WordPress Login-Logout Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Login-Logout login-logout allows Stored XSS.This issue affects Login-Logout: from n/a through = 3.8...

5.9CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:25 p.m.11 views

CVE-2025-57901

CVE-2025-57901 is listed in connected sources as relating to Import Markdown – Versatile Markdown Importer for WordPress. The connected entry indicates a vulnerability described as an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via the Markdown import process. In practical term...

5.6AI score0.00039EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.9 views

CVE-2025-57908 WordPress Product Time Countdown for WooCommerce plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ProWCPlugins Product Time Countdown for WooCommerce product-countdown-for-woocommerce allows Stored XSS.This issue affects Product Time Countdown for WooCommerce: from n/a through = 1.6.5...

5.9CVSS0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:25 p.m.3 views

CVE-2025-57938 WordPress Easy Hotel Booking plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through = 1.9.0...

6.5CVSS5.2AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:24 p.m.4 views

CVE-2025-57950 WordPress Plugin Security Scanner Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Glen Scott Plugin Security Scanner plugin-security-scanner allows Stored XSS.This issue affects Plugin Security Scanner: from n/a through = 2.0.2...

5.9CVSS5.2AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:24 p.m.2 views

CVE-2025-57951 WordPress SiteNarrator Text-to-Speech Widget Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ken107 SiteNarrator Text-to-Speech Widget allows Stored XSS. This issue affects SiteNarrator Text-to-Speech Widget: from n/a through 1.9...

5.9CVSS5.6AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:24 p.m.2 views

CVE-2025-57963 WordPress Zoho Billing Plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing zoho-subscriptions allows DOM-Based XSS.This issue affects Zoho Billing: from n/a through = 4.1...

6.5CVSS5.2AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.11 views

CVE-2025-58023 WordPress Genealogical Tree plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.7...

6.5CVSS0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:23 p.m.3 views

CVE-2025-58023 WordPress Genealogical Tree plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.7...

6.5CVSS5.9AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:23 p.m.10 views

CVE-2025-58240

CVE-2025-58240: Stored XSS in WordPress plugin xili-tidy-tags (

6.5CVSS5.9AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.10 views

CVE-2025-58242 WordPress Bg Church Memos Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vadim Bogaiskov Bg Church Memos bg-church-memos allows DOM-Based XSS.This issue affects Bg Church Memos: from n/a through = 1.1...

6.5CVSS0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:23 p.m.1 views

CVE-2025-58648 WordPress Simple JWT Login plugin <= 3.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nicu Micle Simple JWT Login simple-jwt-login allows Stored XSS.This issue affects Simple JWT Login: from n/a through = 3.6.4...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:23 p.m.11 views

CVE-2025-58652

CVE-2025-58652 affects Themepoints Carousel Ultimate (Carousel Ultimate) for WordPress. The issue is a Stored XSS caused by improper input neutralization during web page generation, impacting versions up to 1.8 (from n/a through 1.8). CVSS 3.1 base score is 6.5 (AV:N, AC:L, PR:L, UI:R, S:C, C:L, ...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:22 p.m.10 views

CVE-2025-58703 WordPress Skyword API Plugin Plugin <= 2.5.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skyword Skyword API Plugin skyword-plugin allows Stored XSS.This issue affects Skyword API Plugin: from n/a through = 2.5.3...

6.5CVSS0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 8:45 a.m.11 views

CVE-2025-8079 Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS. This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...

4.6CVSS0.00221EPSS
Exploits0References2
Rows per page
Query Builder