1126451 matches found
CVE-2026-42676 WordPress myCred plugin <= 3.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in myCred allows Stored XSS. This issue affects myCred: from n/a through 3.0.4...
CVE-2026-42676
The CVE-2026-42676 entry documents a Stored XSS vulnerability in the WordPress myCred plugin, affecting versions from n/a through 3.0.4. The root cause is improper input neutralization during web page generation, enabling injected scripts to be stored and served in pages. Multiple connected sourc...
EUVD-2026-33687
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in myCred allows Stored XSS. This issue affects myCred: from n/a through 3.0.4...
CVE-2026-48839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6...
CVE-2026-48559
Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...
CVE-2026-42683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...
CVE-2026-42681
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42678 WordPress GiveWP plugin <= 4.14.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...
CVE-2026-42678 WordPress GiveWP plugin <= 4.14.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...
EUVD-2026-33684
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...
WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peleg Nagli ultrared.ai in WordPress Plugin Stop Spammers versions = 2026.3...
CVE-2026-42681
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42681 WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42681 WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42681
CVE-2026-42681 affects the WordPress plugin e2pdf (versions up to 1.32.14). The issue is a Reflected XSS due to improper neutralization during web page generation, enabling cross-site scripting. CVSSv3.1 base score 7.1 (HIGH) with Network attack vector, Low confidentiality/integrity/availability ...
EUVD-2026-33656
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...
CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...
CVE-2026-42683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...
EUVD-2026-33653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...