158 matches found
CVE-2024-52345
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RobertoAlicata raqrcode ra-qrcode allows Stored XSS.This issue affects raqrcode: from n/a through = 2.1.0...
CVE-2024-43262
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8...
CVE-2024-25934
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FormFacade allows Stored XSS.This issue affects FormFacade: from n/a through 1.0.0...
CVE-2024-7269
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
CVE-2024-34413
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SliceWP allows Stored XSS.This issue affects SliceWP: from n/a through 1.1.10...
CVE-2024-44058
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CryoutCreations Parabola allows Stored XSS.This issue affects Parabola: from n/a through 2.4.1...
CVE-2024-52493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...
CVE-2024-51574
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Simple Goods Simple Goods simple-goods allows Stored XSS.This issue affects Simple Goods: from n/a through = 0.1.3...
CVE-2023-34477
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability allows SQL Injection...
CVE-2021-4176
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2025-39407
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caseproof, LLC Memberpress allows Reflected XSS.This issue affects Memberpress: from n/a before 1.12.0...
CVE-2025-31027 WordPress Tiger theme <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0...
CVE-2025-23986
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fyrewurks Tiki Time allows Reflected XSS.This issue affects Tiki Time: from n/a through 1.3...
PT-2025-21977 · Woocommerce · Active Products Tables For Woocommerce
Name of the Vulnerable Software and Affected Versions: Active Products Tables for WooCommerce versions 1.0.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...
CVE-2025-1647
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...
WordPress plugin WP jQuery DataTable 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
CVE-2025-46260
CVE-2025-46260 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Sky Addons for Elementor.” The issue arises from improper input neutralization during web page generation, enabling stored XSS. Affected products/versions: Sky Addons for Elementor versions n/a through 3....
WordPress plugin Peadig’s Google +1 Button 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-27289 WordPress Restrict Taxonomies Plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Antoine Guillien Restrict Taxonomies restrict-taxonomies allows Reflected XSS.This issue affects Restrict Taxonomies: from n/a through = 1.3.3...
CVE-2025-32511
CVE-2025-32511 is a Reflected XSS in the WordPress plugin Make Email Customizer for WooCommerce (Excellent Dynamics) affecting versions up to 1.0.5. The vulnerability arises from improper neutralization of input during web page generation, enabling an attacker-supplied payload to be echoed in the...