CVE-2025-28253

This CVE entry is rejected and not used; it does not represent an active vulnerability.

elderscrollsportal.de Cross Site Scripting vulnerability OBB-4040541

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mx.domiplay.net Cross Site Scripting vulnerability OBB-4040442

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

pe.domiplay.net Cross Site Scripting vulnerability OBB-4040443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2025-28928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Are you robot google recaptcha for wordpress are-you-robot-recaptcha allows Reflected XSS.This issue affects Are you robot google recaptcha for wordpress: from n/a through = 2.2...

CVE-2025-28899

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in toddhuish WP Event Ticketing wpeventticketing allows Reflected XSS.This issue affects WP Event Ticketing: from n/a through = 1.3.4...

CVE-2025-26573

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JamRizzi Technologies Rizzi Guestbook rizzi-guestbook allows Reflected XSS.This issue affects Rizzi Guestbook: from n/a through = 4.0.1...

CVE-2025-26747 WordPress RainbowNews theme <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 99colorthemes RainbowNews allows Stored XSS.This issue affects RainbowNews: from n/a through 1.0.7...

CVE-2025-30545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixeline issuuPress issuupress allows Stored XSS.This issue affects issuuPress: from n/a through = 1.3.2...

CVE-2025-30606

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Logan Carlile Easy Page Transition easy-page-transition allows Stored XSS.This issue affects Easy Page Transition: from n/a through = 1.0.1...

CVE-2025-28924

CVE-2025-28924 is a Reflected XSS affecting ZenphotoPress (NotFound ZenphotoPress entry) with versions up to 1.8. The issue arises from improper input neutralization during web page generation. The CVSSv3.1 base score is 7.1 (HIGH): network attack vector, low confidentiality/integrity/availabilit...

CVE-2025-28924 WordPress ZenphotoPress plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Simbul ZenphotoPress zenphotopress allows Reflected XSS.This issue affects ZenphotoPress: from n/a through = 1.8...

CVE-2025-28869 WordPress NextGEN Gallery Voting plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shauno NextGEN Gallery Voting nextgen-gallery-voting allows Reflected XSS.This issue affects NextGEN Gallery Voting: from n/a through = 2.7.6...

CVE-2025-26565

CVE-2025-26565 affects GNUPress WordPress Plugin, versions up to 0.2.9. It is a Reflected Cross‑Site Scripting (XSS) vulnerability arising from improper neutralization of input during web page generation. CVSS v3.1 base score is 7.1 (HIGH) with network attack vector, no privileges required, user ...

CVE-2025-26541

CVE-2025-26541 affects the WordPress plugin Bitcoin / AltCoin Payment Gateway for WooCommerce (and Multivendor store)

CVE-2025-23714 WordPress AppReview plugin <= 0.2.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in podspod AppReview appreview allows Reflected XSS.This issue affects AppReview: from n/a through = 0.2.9...

CVE-2025-23546 WordPress RDP inGroups+ plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound RDP inGroups+ allows Reflected XSS. This issue affects RDP inGroups+: from n/a through 1.0.6...

CVE-2025-23542

CVE-2025-23542 is a reflected XSS in the WordPress plugin RDP Linkedin Login (vendor: WordPress plugin, affected: versions up to 1.7.0). The NVD/Red Hat and CVE enrichment confirm the flaw stems from improper input neutralization during web page generation, enabling reflected XSS. CVSSv3.1 base s...

do604.com Cross Site Scripting vulnerability OBB-4040230

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

digitallibrary.academyofathens.gr Cross Site Scripting vulnerability OBB-4040175

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...