CVE-2025-1137

IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization...

Devolutions PowerShell Universal 安全漏洞

Devolutions PowerShell Universal is a comprehensive PowerShell platform from Devolutions Canada. A security vulnerability exists in Devolutions PowerShell Universal versions prior to 4.5.6 and prior to 5.6.13 that stems from improper input neutralization and could lead to a cross-site scripting...

WordPress plugin和WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2026-1653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...

CVE-2025-13744

An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...

CVE-2025-39497

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dokan Dokan Pro allows Stored XSS.This issue affects Dokan Pro: from n/a through 3.14.5...

CVE-2025-69350 WordPress Accordion plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Accordion accordions-wp allows Stored XSS.This issue affects Accordion: from n/a through = 3.0.3...

WordPress plugin JobBank 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-30461

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11...

CVE-2024-23511

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

WordPress plugin Dokan Pro 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

PT-2026-1302

Name of the Vulnerable Software and Affected Versions Dokan Pro versions through 3.14.5 Description A flaw exists in Dokan Pro that allows for Stored Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. An attacker could potentially inject...

PT-2026-1281

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

CVE-2025-14830

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in JFrog Artifactory Workers allows Cross-Site Scripting XSS.This issue affects Artifactory Workers: from =7.94.0 through 7.117.10...

CVE-2025-62095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...

CVE-2025-62756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through = 10.0.9...

CVE-2025-62752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

CVE-2025-63005

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tomas WordPress Tooltips wordpress-tooltips allows Stored XSS.This issue affects WordPress Tooltips: from n/a through = 10.9.3...

CVE-2025-62759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through = 2.0.1...