6239 matches found
WordPress Beaver Builder plugin <= 2.8.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Beaver Builder versions = 2.8.3.2...
CVE-2024-41847 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...
CVE-2024-41150 Stored XSS
An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800...
PT-2024-30020 · Unknown · Blood Bank/Donation Management System
Name of the Vulnerable Software and Affected Versions: Blood Bank And Donation Management System affected versions not specified Description: A cross-site scripting XSS vulnerability in the component update page details.php allows attackers to execute arbitrary web scripts or HTML via a crafted...
CVE-2024-43304
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...
pmiltd.com Cross Site Scripting vulnerability OBB-3958524
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Invite Anyone versions = 1.4.7...
PT-2024-38053 · WordPress · Elementskit Pro
Name of the Vulnerable Software and Affected Versions: ElementsKit Pro plugin for WordPress versions up to, and including, 3.6.5 Description: The issue is related to Stored Cross-Site Scripting via several parameters due to insufficient input sanitization and output escaping. This allows...
CVE-2024-43225
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7...
CVE-2024-40481
A Stored Cross Site Scripting XSS vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter...
Microsoft Dynamics 365 (on-premises) cross-site scripting vulnerability (CNVD-2024-40538)
Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. It is used for financial management, production management and business intelligence management. Microsoft Dynamics 365 on-premises suffers from a cross-site scripting vulnerability tha...
Microweber add_tagging_tagged.php file cross-site scripting vulnerability
Microweber is Microweber open source can provide drag and drop functionality of the online store management system . The system includes adding products , images and other modules. microweber version 2.0.16 cross-site scripting vulnerability , the vulnerability stems from...
krevatiamoros.gr Cross Site Scripting vulnerability OBB-3953870
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WPBakery plugin <= 7.7 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by João Pedro Soares de Alcântara in WordPress Plugin WPBakery Page Builder versions = 7.7...
bouwbedrijfarends.nl Cross Site Scripting vulnerability OBB-3953605
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2024-29582 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked plugin for WordPress versions up to, and including, 1.8.0 Description: The issue is related to Persistent Cross-Site Scripting XSS via the cooked-timer shortcode due to insufficient input sanitization and output escaping. This allows...
web.vietsingle.com Cross Site Scripting vulnerability OBB-3953367
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
art-exlibris.net Cross Site Scripting vulnerability OBB-3953303
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
horizoncampus.edu.lk Cross Site Scripting vulnerability OBB-3953157
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-41355
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/tools/request-ip/index.php...