CVE-2025-68876

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in INVELITY Invelity SPS connect invelity-sps-connect allows Reflected XSS.This issue affects Invelity SPS connect: from n/a through = 1.0.8...

CVE-2025-68868 WordPress Wp Text Slider Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codeaffairs Wp Text Slider Widget wp-text-slider-widget allows Stored XSS.This issue affects Wp Text Slider Widget: from n/a through = 1.0...

CVE-2025-68878 WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in prasadkirpekar Advanced Custom CSS advanced-custom-css allows Reflected XSS.This issue affects Advanced Custom CSS: from n/a through = 1.1.0...

Priority Web 跨站脚本漏洞

Priority Web is the Web side of an Enterprise Resource Planning system from Priority Israel. A cross-site scripting vulnerability exists in Priority Web that stems from improper input neutralization and could lead to a cross-site scripting attack...

Priority Web 跨站脚本漏洞

Priority Web is the Web side of an Enterprise Resource Planning system from Priority Israel. A cross-site scripting vulnerability exists in Priority Web that stems from improper input neutralization and could lead to a cross-site scripting attack...

PT-2025-53766

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The software is susceptible to a cross-site scripting XSS issue due to improper input neutralization during web page generation. This allows for the injection o...

PT-2025-53798

Name of the Vulnerable Software and Affected Versions Hiroaki Miyashita Custom Field Template versions through 2.7.5 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Stored Cross-site Scripting issue. This allows for the...

WordPress plugin JetSearch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress My auctions allegro cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress My auctions allegro, which stems from improper input neutralization, and no detailed vulnerability details are provided ...

EUVD-2025-205376

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Aidango allows Cross-Site Scripting XSS.This issue affects Aidango: before 2.144.4...

CVE-2025-2307

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Aidango allows Cross-Site Scripting XSS. This issue affects Aidango: before 2.144.4...

CVE-2025-2307 XSS in Verisay Communication's Aidango

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Aidango allows Cross-Site Scripting XSS. This issue affects Aidango: before 2.144.4...

CVE-2025-2406 XSS in Verisay Communication's Trizbi

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Trizbi allows Cross-Site Scripting XSS. This issue affects Trizbi: before 2.144.4...

Verisay Titarus 跨站脚本漏洞

Verisay Titarus is an enterprise resource planning management system for the car rental industry from Verisay UK. A cross-site scripting vulnerability exists in Verisay Titarus versions prior to 2.144.4 that stems from improper input neutralization and could lead to a cross-site scripting attack...

Microsoft Azure Cosmos DB Spoofing Vulnerability

Microsoft Azure Cosmos DB is a distributed multi-model database from Microsoft USA. A spoofing vulnerability exists in Microsoft Azure Cosmos DB that stems from improper input neutralization and can be exploited by an attacker to cause a network spoofing attack...

Verisay Trizbi 跨站脚本漏洞

Verisay Trizbi is an enterprise resource planning management system for channel vendor management from Verisay UK. A cross-site scripting vulnerability exists in Verisay Trizbi versions prior to 2.144.4, which stems from improper input neutralization and could lead to cross-site scripting attacks...

EUVD-2025-205274

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

CVE-2025-2154 Stored XSS in EchoCCS's Specto CM

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Stored XSS. This issue affects Specto CM: before 17032025...

CVE-2025-67630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...

CVE-2025-68598

CVE-2025-68598 refers to a vulnerability in Live Composer – Free WordPress Website Builder. The connected Wordfence entry details a Stored Cross-Site Scripting (XSS) flaw exploitable via the shortcode dslc_module_posts_output, with exploitation requiring an authenticated user (Contributor+). Affe...