CVE-2025-64362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SeventhQueen K Elements k-elements allows DOM-Based XSS.This issue affects K Elements: from n/a through 5.5.0...

CVE-2025-64361 WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through = 1.4.2...

IBM Concert Software Log Entry Neutralization and Malpractice Vulnerability

IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. IBM Concert Software has a log input neutralization improper vulnerability that...

EUVD-2025-36880

Drupal JSON Field is vulnerable to XSS...

CVE-2025-10926

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal JSON Field allows Cross-Site Scripting XSS.This issue affects JSON Field: from 0.0.0 before 1.5...

Drupal Plausible tracking 安全漏洞

Drupal Plausible tracking is a data analysis plugin for the Drupal community. A security vulnerability exists in Drupal Plausible tracking versions prior to 1.0.2, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

PT-2025-44417

Name of the Vulnerable Software and Affected Versions Dell Secure Connect Gateway SCG Policy Manager versions 5.20 through 5.28 Description Dell Secure Connect Gateway SCG Policy Manager contains an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site...

Drupal JSON Field 安全漏洞

Drupal JSON Field is a JSON data presentation plugin for the Drupal community. A security vulnerability exists in Drupal JSON Field versions prior to 1.5, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

Drupal Umami Analytics 安全漏洞

Drupal Umami Analytics is a web statistics plugin for the Drupal community. A security vulnerability exists in Drupal Umami Analytics versions prior to 1.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-10926 JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal JSON Field allows Cross-Site Scripting XSS.This issue affects JSON Field: from 0.0.0 before 1.5...

CVE-2025-10926 JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal JSON Field allows Cross-Site Scripting XSS.This issue affects JSON Field: from 0.0.0 before 1.5...

CVE-2025-64220

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ReyCommerce Rey Core rey-core allows Stored XSS.This issue affects Rey Core: from n/a through = 3.1.8...

CVE-2025-64202 WordPress Sahifa theme < 5.8.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Sahifa sahifa allows DOM-Based XSS.This issue affects Sahifa: from n/a through 5.8.6...

CVE-2025-64197 WordPress Rehub theme < 19.9.9.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sizam Rehub rehub-theme allows Stored XSS.This issue affects Rehub: from n/a through 19.9.9.1...

CVE-2025-49042

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Automattic WooCommerce woocommerce allows Stored XSS.This issue affects WooCommerce: from n/a through = 10.0.2...

PT-2025-44265

Name of the Vulnerable Software and Affected Versions Premmerce Product Search for WooCommerce versions through 2.2.4 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS issue. This specific instance...

CVE-2025-36081

IBM Concert Software 1.0.0 through 2.0.0 could allow a user to modify system logs due to improper neutralization of log input...

PT-2025-44227

🔵 Apache Tomcat, Improper Input Neutralization, CVE-2025-45456 Low https://t.co/K5oE1w7vzB...

IBM Concert Software 安全漏洞

IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. IBM Concert Software has a log input neutralization improper vulnerability that...