CVE-2025-23469

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sleekplan Sleekplan sleekplan allows Reflected XSS.This issue affects Sleekplan: from n/a through = 0.2.0...

CVE-2025-13963 FX Currency Converter <= 0.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The FX Currency Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fxccconvert' shortcode in all versions up to, and including, 0.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Sleekplan plugin <= 0.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin Sleekplan versions = 0.2.0...

WordPress My Restaurant Menu plugin <= 0.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin My Restaurant Menu versions = 0.2.0...

matrix-react-skin (>=0.0.1 <=0.0.2), vector-web (=0.3.0) potentially affected by CVE-2022-36060 via matrix-react-sdk (>=0.0.1 <=0.2.0)

matrix-react-sdk NPM version =0.0.1, =0.0.1, =0.0.2 - vector-web =0.3.0 Source cves: CVE-2022-36060 Source advisory: OSV:GHSA-2X9C-QWGF-94XR...