Lucene search
K

158 matches found

CNNVD
CNNVD
added 2025/02/24 12:0 a.m.4 views

WordPress plugin Table of Contents Block 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin Table o...

6.5CVSS7.6AI score0.00251EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/16 1:26 p.m.6 views

CVE-2025-23652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fabio Zuanon Add custom content after post add-custom-content-after-post allows Reflected XSS.This issue affects Add custom content after post: from n/a through = 1.0...

7.1CVSS7.2AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/14 12:44 p.m.10 views

CVE-2025-23748 WordPress Singsys -Awesome Gallery plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Singsys Singsys -Awesome Gallery awesome-gallery-singsys allows Reflected XSS.This issue affects Singsys -Awesome Gallery: from n/a through = 1.0...

7.1CVSS7.2AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2025/02/14 12:44 p.m.49 views

CVE-2025-23650

CVE-2025-23650 describes a reflected XSS vulnerability in the WordPress plugin “Tidy.ro” by razvypp. The Red Hat and NVD entries confirm the flaw as an Improper Neutralization of Input During Web Page Generation, enabling Reflected XSS for Tidy.ro versions up to 1.3 (development and affected scop...

7.1CVSS7.2AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2025/02/14 12:44 p.m.47 views

CVE-2025-23652

Summary (CVE-2025-23652): A WordPress plugin issue in Add custom content after post (notFound) exhibits Reflected Cross-Site Scripting due to improper input neutralization during web page generation. Affected versions are n/a through 1.0. The Red Hat and PT Security entries explicitly note the vu...

7.1CVSS7.2AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 10:15 a.m.10 views

CVE-2025-25098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zack Katz Links in Captions links-in-captions allows Stored XSS.This issue affects Links in Captions: from n/a through = 1.2...

6.5CVSS0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:37 a.m.6 views

CVE-2025-23998

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in raratheme UltraLight the-ultralight allows Reflected XSS.This issue affects UltraLight: from n/a through = 1.2...

7.1CVSS7.2AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:51 p.m.9 views

CVE-2024-43950

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Nextbricks Brickscore allows Stored XSS.This issue affects Brickscore: from n/a through 1.4.2.5...

7.1CVSS6.6AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:45 p.m.15 views

CVE-2024-43244

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in favethemes Houzez allows Reflected XSS.This issue affects Houzez: from n/a through 3.2.4...

7.1CVSS6.8AI score0.00255EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 3:24 a.m.4 views

CVE-2024-51760

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ristretto Apps Dashing Memberships dashing-memberships allows Reflected XSS.This issue affects Dashing Memberships: from n/a through = 1.1...

7.1CVSS7.2AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:48 a.m.7 views

CVE-2024-37920

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS.This issue affects ARForms Form Builder: from n/a through 1.6.7...

7.1CVSS6.9AI score0.00327EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:33 a.m.10 views

CVE-2024-55972

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chriscarvache eTemplates etemplates allows SQL Injection.This issue affects eTemplates: from n/a through = 0.2.1...

9.3CVSS7.3AI score0.01169EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:24 p.m.5 views

CVE-2024-53812

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through = 1.8...

7.1CVSS7.2AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/27 2:22 p.m.4 views

CVE-2025-23574 WordPress CubePM plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jonathan Lau CubePM cubepm allows Reflected XSS.This issue affects CubePM: from n/a through = 1.0...

7.1CVSS7.2AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/21 5:21 p.m.22 views

CVE-2025-23551 WordPress SexBundle plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in razvypp SexBundle sexbundle allows Reflected XSS.This issue affects SexBundle: from n/a through = 1.4...

7.1CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/01/14 2:15 p.m.21 views

CVE-2024-48893

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...

6.8CVSS0.00447EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 11:15 a.m.9 views

CVE-2025-22293

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through = 3.4.3...

6.5CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/01/07 10:48 a.m.50 views

CVE-2025-22359

CVE-2025-22359 : Reflected XSS in SyncFields (WordPress plugin) — improper neutralization during web page generation leads to cross-site scripting. Affected: SyncFields versions up to 2.1 (from unknown earliest to 2.1). CVSSv3.1 score 7.1 (HIGH). Connected sources corroborate the Reflected XSS an...

7.1CVSS7.2AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 10:15 a.m.12 views

CVE-2024-56038

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catalinsendsms SendSMS sendsms allows Reflected XSS.This issue affects SendSMS: from n/a through = 1.2.9...

7.1CVSS0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-3176 · Unknown · Lemonade Social Networks Autoposter Pinterest

Name of the Vulnerable Software and Affected Versions: Lemonade Social Networks Autoposter Pinterest versions n/a through 2.0 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This problem enables...

7.1CVSS9AI score0.0025EPSS
Exploits0References8
Rows per page
Query Builder