Lucene search
+L

333 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.2 views

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

6.1CVSS5.3AI score0.00237EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-4055

Name of the Vulnerable Software and Affected Versions GLS Shipping for WooCommerce versions through 1.4.0 Description The software contains a flaw related to improper input handling during web page generation, which can lead to Reflected Cross-Site Scripting XSS. This allows an attacker to inject...

5.3AI score0.00237EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.7 views

CVE-2025-57786

A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References1
OSV
OSV
added 2026/01/20 3:17 p.m.3 views

CVE-2025-58089

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

6.1CVSS5.9AI score0.00229EPSS
Exploits1References1
NVD
NVD
added 2026/01/20 3:16 p.m.7 views

CVE-2025-44000

A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS0.00317EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.5 views

CVE-2025-69268

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier...

6.1CVSS6.5AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.5 views

Zippy-CRM 跨站脚本漏洞

Zippy-CRM is an accounting system with a web interface by Leon Personal Developer. A cross-site scripting vulnerability exists in Zippy-CRM version 6.5.4 that stems from unvalidated input parameters and could lead to a reflected cross-site scripting attack...

6.1CVSS5.7AI score0.00238EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.5 views

CVE-2025-68873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chloédigital PRIMER by chloédigital primer-by-chloedigital allows Reflected XSS.This issue affects PRIMER by chloédigital: from n/a through = 1.0.25...

7.1CVSS5.9AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.8 views

CVE-2025-27002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.8 views

CVE-2023-49185

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Doofinder Doofinder WP & WooCommerce Search allows Reflected XSS.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.1.7...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.6 views

CVE-2023-4979

Cross-site Scripting XSS - Reflected in GitHub repository librenms/librenms prior to 23.9.0...

8.8CVSS6.1AI score0.00589EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.6 views

CVE-2025-23754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ulrich Sossou The Loops the-loops allows Reflected XSS.This issue affects The Loops: from n/a through = 1.0.2...

7.1CVSS7.2AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.32 views

CVE-2025-68887 WordPress WP-BusinessDirectory plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through = 4.0.1...

7.1CVSS0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.38 views

CVE-2025-67933 WordPress Taskbuilder plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in taskbuilder Taskbuilder taskbuilder allows Reflected XSS.This issue affects Taskbuilder: from n/a through = 4.0.9...

7.1CVSS0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 1:15 p.m.12 views

CVE-2025-46494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...

7.1CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 11:54 a.m.31 views

CVE-2025-69082 WordPress Arlo theme <= 6.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frenify Arlo arlo allows Reflected XSS.This issue affects Arlo: from n/a through = 6.0.3...

7.1CVSS0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 7:17 a.m.5 views

CVE-2025-13369 Premmerce WooCommerce Customers Manager <= 1.1.14 - Reflected Cross-Site Scripting

The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'moneyspentfrom', 'moneyspentto', 'registeredfrom', and 'registeredto' parameters in all versions up to, and including, 1.1.14 due to insufficient input sanitization and output...

6.1CVSS5.3AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.6 views

WordPress plugin Arlo 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

7.1CVSS6AI score0.00142EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/12/31 7:56 p.m.5 views

CVE-2025-23707

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matamko En Masse en-masse-wp allows Reflected XSS.This issue affects En Masse: from n/a through = 1.0...

7.1CVSS7.2AI score0.00149EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.3 views

WordPress plugin ZhinaTwitterWidget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.1AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder