Lucene search
K

79 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.3 views

CVE-2026-57366

Unauthenticated Cross Site Scripting XSS in WPAdverts = 2.3.1 versions...

7.1CVSS0.00191EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57351

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 12:17 p.m.5 views

CVE-2026-57344

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.4.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-27408

Unauthenticated Cross Site Scripting XSS in NativeChurch = 4.8.8.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:14 a.m.14 views

CVE-2025-69155

CVE-2025-69155 affects the Fitness Zone WordPress Theme up to version 5.7. It is described as an unauthenticated Cross Site Scripting (XSS) vulnerability in the theme, with CVSS v3.1 base score 7.1 (HIGH). Attack vector: NETWORK; Attack complexity: LOW; Privileges required: NONE; User interaction...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:36 p.m.6 views

CVE-2026-57336

Unauthenticated Cross Site Scripting XSS in Jobify = 4.3.2 versions...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39384

Unauthenticated Cross Site Scripting XSS in Forminator = 1.53.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.14 views

CVE-2026-39548

Unauthenticated Cross Site Scripting XSS in MagOne = 9.0 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2024-49269 WordPress my flatonica theme <= 0.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in my flatonica = 0.0.8 versions...

7.1CVSS0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.9 views

CVE-2026-48871

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-42649

Unauthenticated Cross Site Scripting XSS in Favicon Rotator = 1.2.11 versions...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.6 views

CVE-2026-39514

Unauthenticated Cross Site Scripting XSS in Paid Member Subscriptions = 2.17.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.15 views

CVE-2026-34902

Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.9 views

CVE-2026-52702 WordPress SEO Redirection plugin <= 9.17 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SEO Redirection = 9.17 versions...

7.1CVSS5.1AI score0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49354

Unauthenticated Cross Site Scripting XSS in Redirection for Contact Form 7 = 3.2.8 versions...

7.1CVSS5.1AI score0.00237EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/13 5:32 a.m.8 views

CVE-2026-9109 GPTranslate <= 2.31 - Unauthenticated Stored Cross-Site Scripting via REST API Translation Storage

The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API Translation Storage in all versions up to, and including, 2.31 due to insufficient input sanitization and output escaping...

7.2CVSS5.5AI score0.00316EPSS
Exploits0References12
Patchstack
Patchstack
added 2026/05/29 1:33 p.m.20 views

WordPress LiteSpeed Cache plugin <= 7.7 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin LiteSpeed Cache versions = 7.7...

7.2CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/15 7:17 p.m.14 views

CVE-2026-45622

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an unauthenticated reflected cross-site scripting XSS issue in the public product return form in Vvveb CMS. The customerorderid POST parameter is inserted into the...

5.3CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 6:42 p.m.16 views

CVE-2026-45622

Vvveb CMS (version prior to 1.0.8.3) is affected by an unauthenticated reflected XSS in the public product return form. The issue arises from inserting the customer_order_id into the error message without HTML escaping, allowing attacker-controlled HTML/JavaScript to execute in the submitting use...

5.3CVSS5.6AI score0.00258EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.23 views

PT-2026-41359

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an unauthenticated reflected cross-site scripting XSS issue in the public product return form in Vvveb CMS. The customer order id POST parameter is inserted into the...

5.3CVSS5.6AI score0.00258EPSS
Exploits0References2
Rows per page
Query Builder