5654 matches found
CVE-2025-66057
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows DOM-Based XSS.This issue affects Bold Page Builder: from n/a through = 5.5.2...
CVE-2025-66093 WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...
WordPress plugin Head Meta Data 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Funnel Builder by FunnelKit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
WordPress plugin Envo Extra 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin Extensions for Leaflet Map 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Stylish Cost Calculator 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-47733
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows DOM-Based XSS.This issue affects Bold Page Builder: from n/a through = 5.5.2...
EUVD-2025-198349
Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes manager accounts to be able to craft XSS attacks to their own advertiser users...
CVE-2025-48987
Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack...
CVE-2025-48987
Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack...
CVE-2025-0643 XSS in Narkom Communication Technologies' Pyxis Signage
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Stored XSS. This issue affects Pyxis Signage: through 31012025...
Revive Adserver 安全漏洞
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Revive Adserver 安全漏洞
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Dell SmartFabric OS10 Software Command Injection Vulnerability (CNVD-2025-29162)
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a command injection vulnerability that originates from improper neutralization of special elements in commands, which can be exploited by an attacker to cause comman...
CVE-2025-11963
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Saysis Computer Systems Trade Ltd. Co. StarCities allows Reflected XSS. This issue affects StarCities: before 1.1.61...
CVE-2025-11963
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Saysis Computer Systems Trade Ltd. Co. StarCities allows Reflected XSS. This issue affects StarCities: before 1.1.61...
OpenText UCMDB 跨站脚本漏洞
OpenText UCMDB is a software from OpenText Canada Inc. It is used to generate and maintain a configuration management database for information technology projects. A cross-site scripting vulnerability exists in OpenText UCMDB version 24.4, which stems from improper input neutralization during web...
CVE-2025-55059
CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...
CVE-2025-55056
Multiple CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...