53 matches found
PT-2024-34213 · Unknown · Church Admin
Name of the Vulnerable Software and Affected Versions: Church Admin versions prior to 5.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions prior ...
PT-2024-33361 · Swebdeveloper · Wppricing Builder
Name of the Vulnerable Software and Affected Versions: Swebdeveloper wpPricing Builder versions n/a through 1.5.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
PT-2024-33451 · Unknown · Edwiser Bridge
Name of the Vulnerable Software and Affected Versions: Edwiser Bridge versions 3.0.7 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS or Stored XSS. This allows Stored XSS attacks, which can be...
PT-2024-32709 · WordPress · Wp-Webauthn
Name of the Vulnerable Software and Affected Versions: WP-WebAuthn versions 1.3.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS or Stored XSS. This allows for Stored XSS attacks. Recommendations...
PT-2024-30876
Name of the Vulnerable Software and Affected Versions Catch Themes Full frame versions 2.7.2 and earlier Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. Specifically, it is a Stored XSS vulnerability. This...
PT-2024-32600 · Unknown · Averta Depicter Slider
Name of the Vulnerable Software and Affected Versions: Averta Depicter Slider versions prior to 3.2.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in Averta Depicter Slider...
PT-2024-32591 · Litespeed · Litespeed Cache
Name of the Vulnerable Software and Affected Versions: LiteSpeed Cache versions through 6.5.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS or Stored XSS. This allows Stored XSS attacks. Recommendations:...
PT-2024-30931 · Unknown · Happyforms
Name of the Vulnerable Software and Affected Versions: Happyforms versions 1.26.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS or Stored XSS. This allows for the storage of malicious scripts in...
PT-2024-28605 · Unknown · Woocommerce
Name of the Vulnerable Software and Affected Versions: WooCommerce versions through 9.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for potential exploitation. No information is provided...
PT-2024-30319 · Unknown · Antoine Hurkmans Football Pool
Name of the Vulnerable Software and Affected Versions: Antoine Hurkmans Football Pool versions n/a through 2.11.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attacke...
PT-2024-30347 · Unknown · Post Grid Master
Name of the Vulnerable Software and Affected Versions: Post Grid Master versions 3.4.10 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For Post Gr...
PT-2024-30007 · Totolink · Totolink A3700R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.5822 B20200513 Description: The issue is a buffer overflow vulnerability in the ssid parameter within the setWizardCfg function. This vulnerability can be exploited, potentially allowing unauthorized access or...
PT-2024-29420 · Typora +1 · Typora +1
Name of the Vulnerable Software and Affected Versions: Typora versions prior to 1.9.3 Description: The issue is related to a cross-site scripting XSS vulnerability via the MathJax component. This allows for potential malicious script execution. Recommendations: For versions prior to 1.9.3, update...
PT-2024-27645 · Unknown · Meks Easy Ads Widget
Name of the Vulnerable Software and Affected Versions: Meks Easy Ads Widget versions through 2.0.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...
PT-2024-26710 · Unknown · Tooltip Ck
Name of the Vulnerable Software and Affected Versions: Tooltip CK versions through 2.2.15 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For versions...
PT-2024-26622 · Unknown · Advanced Woo Labels
Name of the Vulnerable Software and Affected Versions: Advanced Woo Labels versions n/a through 1.93 Description: The issue affects Advanced Woo Labels, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. This enables attackers to inject malicious...
PT-2024-25962 · Widgetkit · Widgetkit
Name of the Vulnerable Software and Affected Versions: WidgetKit versions prior to 2.4.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts in...
PT-2024-24034 · Unknown · Popup Like Box
Name of the Vulnerable Software and Affected Versions: Popup Like box versions 3.7.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject malicious...
PT-2024-22938 · WordPress · The Simple Ajax Chat
Name of the Vulnerable Software and Affected Versions: The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress versions up to, and including, 20240216 Description: The issue is related to Stored Cross-Site Scripting via the name field. This allows for potential malicious script...
PT-2023-31658 · Accredible · Accredible Certificates & Open Badges
Name of the Vulnerable Software and Affected Versions: Accredible Certificates & Open Badges versions 1.4.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...