1189 matches found
SUSE CVE-2026-33230
NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnetapp contains a reflected cross-site scripting issue in the lookup... route. A crafted...
WordPress Filestack Official plugin <= 2.1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Filestack Official versions = 2.1.0...
WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Car Dealer versions = 1.6.7...
WordPress Addon Jobsearch Chat plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Phat RiO in WordPress Plugin Addon Jobsearch Chat versions = 3.0...
WordPress Boutique theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Boutique versions 2.4.6...
WordPress Fusion Builder plugin < 3.15.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Fusion Builder versions 3.15.0...
EUVD-2026-13077
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHunk Gutenberg Blocks allows Reflected XSS.This issue affects Gutenberg Blocks: from n/a through 1.2.8...
EUVD-2025-208858
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through 5.4.2...
CVE-2026-25442
CVE-2026-25442 affects the Kentha WordPress Theme (Kentha) up to version 4.7.2. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper input neutralization during web page generation. The available documents indicate the patch status as Unpatched and do not provid...
CVE-2025-68836
CVE-2025-68836 corresponds to a WordPress plugin vulnerability in the WordPress Table of Contents Creator (versions
CVE-2025-67618 WordPress Brookside theme <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ArtstudioWorks Brookside allows Reflected XSS.This issue affects Brookside: from n/a through 1.4...
CVE-2026-28073 WordPress WP eMember theme <= v10.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2...
WordPress [CR]Paid Link Manager plugin <= 0.5 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin CRPaid Link Manager versions = 0.5...
CVE-2026-25369 WordPress Flexmls® IDX plugin <= 3.15.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flexmls Flexmls® IDX flexmls-idx allows Reflected XSS.This issue affects Flexmls® IDX: from n/a through = 3.15.9...
CVE-2026-25369
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flexmls Flexmls® IDX allows Reflected XSS.This issue affects Flexmls® IDX: from n/a through 3.15.9...
CVE-2016-20027
CVE-2016-20027 : ZKTeco ZKBioSecurity 3.0 is affected by multiple reflected XSS vulnerabilities. The underlying issue is unsanitized parameters passed to several scripts, enabling attackers to craft malicious URLs that execute arbitrary HTML and script code in a user’s browser session within the ...
EUVD-2025-208398
A reflected Cross-Site Scripting XSS vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. This vulnerability can be exploited to steal...
CVE-2026-28102
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider Classic uberSliderclassic allows Reflected XSS.This issue affects UberSlider Classic: from n/a through = 2.5...
CVE-2026-28110
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist all-in-one-bannerWithPlaylist allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Playlist: from n/a through =...
EUVD-2026-9764
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist all-in-one-bannerWithPlaylist allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Playlist: from n/a through =...