EUVD-2025-206070

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0...

CVE-2025-23719

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zckevin ZhinaTwitterWidget zhina-twitter-widget allows Reflected XSS.This issue affects ZhinaTwitterWidget: from n/a through = 1.0...

CVE-2025-52739 WordPress Sala theme <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uxper Sala allows Reflected XSS.This issue affects Sala: from n/a through 1.1.3...

CVE-2025-52739

CVE-2025-52739 affects WordPress Sala theme versions up to 1.1.3. The root cause is improper neutralization of input during web page generation, enabling Reflected XSS. Impact described in multiple feeds: reflected XSS affecting Sala from n/a through 1.1.3 with published CVSS 3.1 vector (AV:N/AC:...

CVE-2025-23667

CVE-2025-23667 concerns WordPress plugin custom-post-edit (

CVE-2025-49337

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in janhenckens Dashboard Beacon wp-dashboard-beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through = 1.2.0...

CVE-2025-63021

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetipi Valenti Engine valenti-engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through = 1.0.3...

EUVD-2025-205990

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2...

CVE-2025-62119

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link custom-url-to-featured-image allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through = 2.0.0...

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

EUVD-2025-205920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

EUVD-2025-205922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0...

CVE-2025-69089

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in autolistings Auto Listings auto-listings allows Stored XSS.This issue affects Auto Listings: from n/a through = 2.7.1...

CVE-2025-62146

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Stored XSS.This issue affects MX Time Zone Clocks: from n/a through = 5.1.1...

PT-2025-54323

Name of the Vulnerable Software and Affected Versions Curator.Io versions through 1.9.5 Description A flaw exists in Curator.Io that allows for Stored Cross-site Scripting XSS. This issue involves improper neutralization of input during web page generation. The vulnerability could potentially all...

WordPress plugin WooCommerce Parcelas 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

WordPress plugin BuddyPress Activity Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site scripting...

WordPress plugin Series 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Content Fetcher 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Livemesh Addons for Beaver Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...