Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

RedhatCVE
RedhatCVEadded 2026/05/24 2:12 a.m.11 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00193EPSS
Exploits0References1
NVD
NVDadded 2026/05/15 7:16 p.m.13 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS0.00193EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/15 6:36 p.m.10 views

EUVD-2021-34821

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests t...

6.4CVSS5.9AI score0.00193EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/15 6:36 p.m.40 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS0.00193EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/15 6:36 p.m.2 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00193EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/15 6:36 p.m.8 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
CVE
CVEadded 2026/05/15 6:36 p.m.17 views

CVE-2021-47968

CVE-2021-47968 affects Podcast Generator 3.1. The vulnerability is a persistent cross-site scripting (XSS) flaw in the long_description field where authenticated users can submit unfiltered JavaScript during episode creation or editing, causing injected scripts to run when others view episode det...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/15 12:0 a.m.7 views

Podcast Generator 跨站脚本漏洞

Podcast Generator is an open-source set of free podcast publishing scripts written in PHP language. Version 3.1 of Podcast Generator has a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting issue, which may allow authenticated attackers to inject...

6.4CVSS5.7AI score0.00193EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/02/28 2:0 p.m.6 views

CVE-2026-2362

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS6AI score0.00205EPSS
Exploits0References1
EUVD
EUVDadded 2026/02/27 9:30 a.m.4 views

EUVD-2026-9016

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS6AI score0.00205EPSS
Exploits0References7
NVD
NVDadded 2026/02/27 9:16 a.m.6 views

CVE-2026-2362

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS0.00205EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/02/27 8:24 a.m.5 views

CVE-2026-2362 WP Accessibility <= 2.3.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via 'alt' Attribute

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References6
CVE
CVEadded 2026/02/27 8:24 a.m.16 views

CVE-2026-2362

CVE-2026-2362 affects the WP Accessibility plugin for WordPress (versions

6.4CVSS6AI score0.00205EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/27 12:0 a.m.6 views

PT-2026-22318

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS6AI score0.00205EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2026/01/29 3:26 a.m.11 views

CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

4.8CVSS5.9AI score0.00176EPSS
Exploits0References1
CVE
CVEadded 2026/01/28 12:0 a.m.8 views

CVE-2025-70336

PodcastGenerator 3.2.9 contains a stored XSS vulnerability in the Create New Live Item workflow. Attackers can inject script/HTML via TITLE, SHORT DESCRIPTION, or LONG DESCRIPTION; the payload is executed on the View All Live Items and Live Stream pages. The issue is confirmed across multiple fee...

4.8CVSS5.9AI score0.00176EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/01/28 12:0 a.m.3 views

EUVD-2025-206501

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

4.8CVSS5.9AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/28 12:0 a.m.4 views

CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

5.9AI score0.00176EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/22 6:34 p.m.5 views

CVE-2021-3271

PressBooks 5.17.3 contains a cross-site scripting XSS. Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will result in the triggering the stored XSS...

4.8CVSS5.2AI score0.00931EPSS
Exploits2References1
Cvelist
Cvelistadded 2021/05/07 8:16 p.m.25 views

CVE-2021-31451

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS8.6AI score0.02761EPSS
Exploits0References2
Rows per page
Query Builder