CMSimple Cross-Site Scripting Vulnerability (CNVD-2026-02658)

CMSimple is a free content management system. CMSimple suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the Edit parameter of the Settings menu, for which no detailed vulnerability details are available at this...

Exploit for Cross-site Scripting in Cpanel

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

CVE-2024-32553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

CVE-2024-32126 WordPress Navigation menu as dropdown Widget plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeroen Peters Navigation menu as Dropdown Widget allows Stored XSS.This issue affects Navigation menu as Dropdown Widget: from n/a through 1.3.4...

CVE-2024-32579

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table Reservation: from n/a through 2.4.1...

CVE-2024-32553 WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

CVE-2024-32553 WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

CVE-2024-32553

CVE-2024-32553 affects WordPress Plugin – WordPress Menu Plugin (Superfly Menu). Vulnerable component is looks_awesome functionality (stored XSS) with root cause described as improper neutralization of input during web page generation. Impact per sources is Stored XSS with confidentiality/integri...

CVE-2024-32579

Technical details about CVE-2024-32579 are not publicly provided in the supplied documents. Current data confirms a Stored XSS issue in GloriaFood plugin versions up to 2.4.1; monitor for official advisories and patches.

CVE-2024-32579 WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table Reservation: from n/a through 2.4.1...

WordPress Plugin Restaurant Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-24700 · Unknown · Gloriafood Restaurant Menu – Food Ordering System – Table Reservation

Name of the Vulnerable Software and Affected Versions: GloriaFood Restaurant Menu – Food Ordering System – Table Reservation versions through 2.4.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for...

PT-2024-24674 · Unknown · Looks Awesome Superfly Menu

Name of the Vulnerable Software and Affected Versions: looks awesome Superfly Menu versions n/a through 5.0.25 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

PT-2024-24420 · Unknown · Navigation Menu As Dropdown Widget

Name of the Vulnerable Software and Affected Versions: Navigation menu as Dropdown Widget versions 1.3.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can...

CVE-2024-32345

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section...

CVE-2024-32344

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section...

CVE-2024-32746

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module...

CVE-2024-32746

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module...

CVE-2024-32340

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module...

CVE-2024-30953

A stored cross-site scripting XSS vulnerability in Htmly v2.9.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Link Name parameter of Menu Editor module...