EUVD-2026-13091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPEverest Everest Forms Pro allows Stored XSS.This issue affects Everest Forms Pro: from n/a through 1.9.10...

CVE-2026-32448

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through = 4.3.3...

CVE-2025-68520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods DotLife dotlife allows Reflected XSS.This issue affects DotLife: from n/a through 4.9.5...

CVE-2025-67551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

EUVD-2021-27077

Malware in sbrugna...

CVE-2025-58703

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skyword Skyword API Plugin skyword-plugin allows Stored XSS.This issue affects Skyword API Plugin: from n/a through = 2.5.3...

CVE-2025-49389

CVE-2025-49389 refers to a stored XSS vulnerability in the WordPress plugin Notice Bar (WEN Solutions) affecting versions up to 3.1.3 . The weakness arises from improper input neutralization during web page generation, enabling malicious script injection into pages generated by the plugin. Public...

CVE-2025-30952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdive Nexa Blocks nexa-blocks allows Stored XSS.This issue affects Nexa Blocks: from n/a through = 1.1.0...

WordPress plugin eMarksheet 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin SKSDEV Toolkit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-47388 WordPress SliceWP Affiliates plugin <= 1.1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SliceWP allows Reflected XSS.This issue affects SliceWP: from n/a through 1.1.18...

CVE-2024-32140

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Libsyn Libsyn Publisher Hub allows Stored XSS.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4...

Cross-Site Scripting (XSS)

yetiforcecrm is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of input during web page generation...