CVE-2025-67708 Reflected cross-site scripting (XSS) vulnerability in ArcGIS Server.

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

EUVD-2025-206061

Cross-Site Request Forgery CSRF vulnerability in Themefy Bloggie allows Reflected XSS.This issue affects Bloggie: from n/a through 2.0.8...

EUVD-2025-206072

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91...

CVE-2025-52739

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uxper Sala allows Reflected XSS.This issue affects Sala: from n/a through 1.1.3...

CVE-2025-23707 WordPress En Masse plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matamko En Masse allows Reflected XSS.This issue affects En Masse: from n/a through 1.0...

CVE-2025-23707 WordPress En Masse plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matamko En Masse en-masse-wp allows Reflected XSS.This issue affects En Masse: from n/a through = 1.0...

CVE-2025-23667

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...

CVE-2021-47743

The CVE-2021-47743 entry concerns COMMAX Biometric Access Control System 1.0.0 with an unauthenticated reflected XSS in cookie parameters CMX_ADMIN_NM and CMX_COMPLEX_NM. The vulnerability allows injection of HTML/JavaScript to run in a victim’s browser session. Documents do not specify affected ...

CVE-2025-14312

The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress Binary MLM Woocommerce plugin <= 2.0 - Reflected Cross-Site Scripting via 'page' vulnerability

Reflected Cross-Site Scripting via 'page' vulnerability discovered by vgo0 in WordPress Plugin Binary MLM Woocommerce versions = 2.0...

PT-2025-54401

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2...

CVE-2022-50802

ETAP Safety Manager 1.0.0.32 is affected by an unauthenticated reflected XSS in the 'action' GET parameter. The vulnerability allows injection of HTML/JavaScript to execute in victims’ browsers, potentially leaking credentials or enabling unauthorized actions. The issue is documented across multi...

CVE-2025-68876

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in INVELITY Invelity SPS connect invelity-sps-connect allows Reflected XSS.This issue affects Invelity SPS connect: from n/a through = 1.0.8...

EUVD-2025-205691

The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress plugin Off Page SEO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2025-205612

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prasadkirpekar Advanced Custom CSS allows Reflected XSS.This issue affects Advanced Custom CSS: from n/a through 1.1.0...

XSSREFLECTOR

XSS Reflector XSS Reflector adalah tools otomatis untuk...

CVE-2024-40317

A reflected cross-site scripting XSS vulnerability in MyNET up to v26.08 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter HTTP...

CVE-2025-66119

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Hostel hostel allows Reflected XSS.This issue affects Hostel: from n/a through = 1.1.5.9...

CVE-2025-63949

A Reflected Cross-Site Scripting XSS vulnerability in yohanawi Hotel Management System commit 87e004a allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php...