53 matches found
PT-2025-14969 · Unknown · Administrator Z
Name of the Vulnerable Software and Affected Versions: Administrator Z versions n/a through 2025.03.04 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. Recommendations: For versions n/a...
PT-2025-14231 · Smartarget · Smartarget Popup
Name of the Vulnerable Software and Affected Versions: Smartarget Popup versions 1.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...
PT-2025-7179 · Prezi · Prezi Embedder
Name of the Vulnerable Software and Affected Versions: Prezi Embedder versions prior to 2.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can inject malicious scripts...
PT-2025-4620 · Unknown · Hesabfa Accounting
Name of the Vulnerable Software and Affected Versions: Hesabfa Accounting versions prior to 2.1.2 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This means an attacker can inject malicious scripts...
PT-2025-4925 · Unknown · Rsvpmaker Volunteer Roles
Name of the Vulnerable Software and Affected Versions: RSVPMaker Volunteer Roles versions 1.5.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious...
PT-2025-5054 · Unknown · Fures Xtra Settings
Name of the Vulnerable Software and Affected Versions: fures XTRA Settings versions n/a through 2.1.8 Description: The issue is related to improper neutralization of input during web page generation, which allows for Reflected XSS. This means that an attacker can inject malicious scripts into the...
PT-2025-4989 · Unknown · Notfound Content Planner
Name of the Vulnerable Software and Affected Versions: NotFound Content Planner versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For versions...
PT-2025-4705 · Unknown · Thorsten Krug Multilang Contact Form
Name of the Vulnerable Software and Affected Versions: Thorsten Krug Multilang Contact Form versions n/a through 1.5 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for Reflected XSS...
PT-2025-2953 · Silverstripe · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: Silverstripe Framework versions prior to 5.3.8 Description: The Silverstripe Framework, a PHP framework powering the Silverstripe CMS, has an intentional feature allowing form messages to contain HTML markup for links and other relevant...
PT-2025-4446 · Unknown · Cf7Save Extension
Name of the Vulnerable Software and Affected Versions: Cf7Save Extension versions prior to 1 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious scripts into w...
PT-2025-4509 · Unknown · Hitesh Patel Metadata Seo
Name of the Vulnerable Software and Affected Versions: Hitesh Patel Metadata SEO versions n/a through 2.3 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker ca...
PT-2024-36481 · Unknown · Online Nurse Hiring System
Name of the Vulnerable Software and Affected Versions: Online Nurse Hiring System version 1.0 Description: A SQL injection issue was discovered in the /admin/profile.php component through the fullname parameter. This allows for potential exploitation. Recommendations: For Online Nurse Hiring Syst...
PT-2024-36126 · Unknown · Abcbiz Addons/Templates For Elementor
Name of the Vulnerable Software and Affected Versions: ABCBiz Addons and Templates for Elementor versions 2.0.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting XSS vulnerability. This...
PT-2024-35032 · Unknown · What Would Seth Godin Do
Name of the Vulnerable Software and Affected Versions: What Would Seth Godin Do versions prior to 2.1.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This enables attackers to inject malicious...
PT-2024-35899 · Elementor · Codeless Cowidgets – Elementor Addons
Name of the Vulnerable Software and Affected Versions: Codeless Cowidgets – Elementor Addons versions prior to 1.2.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This enables attackers to inject...
PT-2024-34935 · Unknown · Keymaster Chord Notation Free
Name of the Vulnerable Software and Affected Versions: Keymaster Chord Notation Free versions 1.0.2 and earlier Description: The issue affects the Keymaster Chord Notation Free plugin, allowing Stored XSS due to improper neutralization of input during web page generation. This can lead to the...
PT-2024-34440 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /admin/calendar of events.php endpoint, allowing remote attackers to execute arbitrary scripts via the date start...
PT-2024-34855 · Unknown · Narnoo Commerce Manager
Name of the Vulnerable Software and Affected Versions: Narnoo Commerce Manager versions 1.6.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For...
PT-2024-34913 · Unknown · Elementsready Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
PT-2024-34213 · Unknown · Church Admin
Name of the Vulnerable Software and Affected Versions: Church Admin versions prior to 5.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions prior ...