CVE-2025-62059

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through = 1.3.2...

CVE-2025-62041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5.1...

CVE-2025-53239

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bnovotny User Registration Aide user-registration-aide allows Reflected XSS.This issue affects User Registration Aide: from n/a through = 1.5.3.8...

EUVD-2025-38097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5...

CVE-2025-62036

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

CVE-2025-64196 WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through = 7.2.5...

CVE-2025-64196

The CVE-2025-64196 entry describes a Cross-Site Scripting (Reflected XSS) vulnerability in the Booster for WooCommerce plugin’s WordPress component (woocommerce-jetpack) affecting version range up to and including 7.2.5. The root cause is improper neutralization of input during web page generatio...

CVE-2025-62040 WordPress YOP Poll plugin <= 6.5.37 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

CVE-2025-62032 WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

CVE-2025-62030

The CVE-2025-62030 entry applies to WordPress tagDiv Composer (td-composer) and describes an improper neutralization of input during web page generation, i.e., a Cross-Site Scripting (XSS) vulnerability affecting tagDiv Composer versions through 5.4.1. The Red Hat ENISA and NVD records corroborat...

CVE-2025-62012 WordPress TheGem (Elementor) theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5...

CVE-2025-59556

CVE-2025-59556 is a reflected XSS vulnerability in the WordPress GoStore theme/plugin GoStore gostore, caused by improper input neutralization during page generation. Affected software is GoStore gostore versions prior to 1.6.4 (GoStore: from n/a through

CVE-2025-54721

The CVE-2025-54721 entry concerns the WordPress Resca theme (Resca) version ≤ 3.0.2. The issue is an improper neutralization of input during web page generation, resulting in a Reflected XSS vulnerability. Affected component: Resca theme code responsible for rendering input into pages; impact is ...

CVE-2025-53239

The CVE affects the WordPress plugin User Registration Aide by bnovotny (versions

CVE-2025-53239 WordPress User Registration Aide Plugin <= 1.5.3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bnovotny User Registration Aide user-registration-aide allows Reflected XSS.This issue affects User Registration Aide: from n/a through = 1.5.3.8...

EUVD-2025-37982

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Stored XSS.This issue affects OBS Student Affairs Information System: before 25.0401...

CVE-2025-11956

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Stored XSS. This issue affects OBS Student Affairs Information System: before 25.0401...

CVE-2025-10955

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Netcad Software Inc. Netigma allows XSS Through HTTP Query Strings. This issue affects Netigma: from 6.3.5 before 6.3.5 V8...

WordPress plugin TheGem (Elementor) 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. A cross-site scripting...

PT-2025-45291

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5...