CVE-2024-56028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lemonadestudio Lemonade Social Networks Autoposter Pinterest lemonade-sna-pinterest-edition allows Reflected XSS.This issue affects Lemonade Social Networks Autoposter Pinterest: from n/a through =...

CVE-2024-47327

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Reflected XSS.This issue affects GEO my WordPress: from n/a through = 4.5.0.3...

CVE-2024-47386

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 3.0.8...

CVE-2024-29099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Evergreen Content Poster allows Reflected XSS.This issue affects Evergreen Content Poster: from n/a through 1.4.1...

CVE-2024-29777

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator.This issue affects Forminator: from n/a through = 1.29.0...

CVE-2024-32970

Phlex is a framework for building object-oriented views in Ruby. In affected versions there is a potential cross-site scripting XSS vulnerability that can be exploited via maliciously crafted user data. Since the last two vulnerabilities...

CVE-2024-49248

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spacetime Ad Inserter ad-inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through = 2.7.37...

CVE-2024-49268

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in sunburntkamel disconnected allows Reflected XSS.This issue affects disconnected: from n/a through 1.3.0...

CVE-2024-36249

Cross-site scripting vulnerability exists in Sharp Corporation and Toshiba Tech Corporation multiple MFPs multifunction printers. If this vulnerability is exploited, an arbitrary script may be executed on the administrative page of the affected MFPs. As for the details of affected product names,...

CVE-2024-54305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jtexpress J Express Malaysia jt-express allows Reflected XSS.This issue affects J Express Malaysia: from n/a through = 2.0.13...

CVE-2024-51711

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hitesh Khunt Saragna saragna-social-stream allows Reflected XSS.This issue affects Saragna: from n/a through = 1.0...

CVE-2024-51703

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in laura20 WP-Basics wp-basics allows Reflected XSS.This issue affects WP-Basics: from n/a through = 2.0...

CVE-2024-37166

ghtml is software that uses tagged templates for template engine functionality. It is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting XSS vulnerability in some cases. Version 2.0.0 introduces changes to mitigate this issue. Version 2.0.0 contains updated...

CVE-2024-37262

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

CVE-2024-37954

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5...

WordPress Safe SVG Plugin < 1.9.6 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:safesvgproject:safesvg"; ifdescription...

CVE-2024-22191

Avo is a framework to create admin panels for Ruby on Rails apps. A stored cross-site scripting XSS vulnerability was found in the keyvalue field of Avo v3.2.3 and v2.46.0. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. The value of the...

CVE-2024-53965

Adobe Experience Manager (AEM) versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability (CVE-2024-53965). The root cause is manipulation of a DOM element via a crafted URL or user input, enabling a low-privileged attacker to run arbitrary scripts in the vic...

CVE-2024-53821

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a before 3.8.3.3...

CVE-2024-40700 IBM Security Verify Access cross-site scripting

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...