CVE-2025-23545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Navnish Bhardwaj WP Social Broadcast wp-social-broadcast allows Reflected XSS.This issue affects WP Social Broadcast: from n/a through = 1.0.0...

CVE-2025-23722 WordPress Mind3doM RyeBread Widgets plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mind3dom Mind3doM RyeBread Widgets mind3dom-ryebread-widgets allows Reflected XSS.This issue affects Mind3doM RyeBread Widgets: from n/a through = 1.0...

CVE-2025-23545 WordPress WP Social Broadcast plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Navnish Bhardwaj WP Social Broadcast wp-social-broadcast allows Reflected XSS.This issue affects WP Social Broadcast: from n/a through = 1.0.0...

IBM CICS TX Advanced Cross-Site Scripting Vulnerability (CNVD-2025-02532)

IBM CICS TX Advanced is a transaction processing monitoring system from International Business Machines IBM for running large-scale, high-transaction-volume applications in enterprise environments. IBM CICS TX Advanced suffers from a cross-site scripting vulnerability that stems from the...

CVE-2024-56923

Stored Cross-Site Scripting XSS Vulnerability in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.3.1 = 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The...

CVE-2025-23811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ghasemy14 WP2APP wp2appir allows Reflected XSS.This issue affects WP2APP: from n/a through = 2.6.2...

CVE-2025-23462

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anil Jailta FWD Slider fwd-slider allows Reflected XSS.This issue affects FWD Slider: from n/a through = 1.0...

CVE-2025-23701 WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in limesquare Lime Developer Login lime-developer-login allows Reflected XSS.This issue affects Lime Developer Login: from n/a through = 1.4.0...

CVE-2025-23535 WordPress REAL WordPress Sidebar plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in clickandsell REAL WordPress Sidebar allows Stored XSS. This issue affects REAL WordPress Sidebar: from n/a through 0.1...

CVE-2025-23507 WordPress Blrt WP Embed plugin <= 1.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blrt Blrt WP Embed allows Reflected XSS. This issue affects Blrt WP Embed: from n/a through 1.6.9...

CVE-2025-23580 WordPress BizLibrary plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matthew BizLibrary bizlibrary allows Reflected XSS.This issue affects BizLibrary: from n/a through = 1.1...

CVE-2025-22718

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in roninwp FAT Event Lite fat-event-lite allows Stored XSS.This issue affects FAT Event Lite: from n/a through = 1.1...

WordPress Term Taxonomy Converter Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Term Taxonomy Converter versions = 1.2...

CVE-2025-0450

The Betheme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom JS functionality in all versions up to, and including, 27.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-0530 code-projects Job Recruitment _feedback_system.php cross site scripting

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/feedbacksystem.php. The manipulation of the argument type leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2024-12508

The Glofox Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'glofox' and 'glofoxleadcapture ' shortcodes in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Cross-Site Scripting (XSS)

silverstripe/framework is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitisation of user-provided content in form messages, allows HTML markup, including potentially harmful scripts, to be processed and displayed without proper filtering, leading to the...

CVE-2025-23965

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kopatheme Kopa Nictitate Toolkit kopa-nictitate-toolkit allows Stored XSS.This issue affects Kopa Nictitate Toolkit: from n/a through = 1.0.2...

CVE-2025-23940

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in horiyuki Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through = 0.1.1...

CVE-2025-23897

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ivobrett Apply with LinkedIn buttons apply-with-linkedin-buttons allows DOM-Based XSS.This issue affects Apply with LinkedIn buttons: from n/a through = 2.3...