CVE-2026-30812

Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-39541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through = 1.1.38...

CVE-2026-25353

CVE-2026-25353 is a Reflected XSS vulnerability in the Nooni WordPress theme (Nooni). The issue is described as improper neutralization of input during web page generation and is reported as affecting Nooni versions from n/a up to (but not including) 1.5.1. The connected Wordfence document confir...

CVE-2024-31119

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Vasilis Triantafyllou Special Box for Content allows DOM-Based XSS.This issue affects Special Box for Content: from n/a through 1...

PT-2026-26270

CVE-2025-62043 Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: f… https://t.co/jx1gWujkMb...

CVE-2026-28113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Reflected XSS.This issue affects Ultimate Learning Pro: from n/a through = 3.9.1...

CVE-2026-28113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Reflected XSS.This issue affects Ultimate Learning Pro: from n/a through = 3.9.1...

CVE-2026-28112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

PT-2026-20699

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

SUSE-SU-2026:0439-1 Security update for apptainer

This update for apptainer fixes the following issues: Security fixes: - CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 - CVE-2025-65105: Fixed security bypass due to disabling security options bsc1255462 - CVE-2025-47914: Fixed malformed constrai...

CVE-2026-24576

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in COP UX Flat ux-flat allows Stored XSS.This issue affects UX Flat: from n/a through = 5.4.0...

CVE-2025-27005

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...

CVE-2025-68859

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in agmorpheus Syntax Highlighter Compress syntax-highlighter-compress allows Reflected XSS.This issue affects Syntax Highlighter Compress: from n/a through = 3.0.83.3...

CVE-2025-62077

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SEOSEON EUROPE S.L Affiliate Link Tracker affiliate-link-tracker allows Stored XSS.This issue affects Affiliate Link Tracker: from n/a through = 0.2...

CVE-2026-24383

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through = 2.0.6...

CVE-2025-50005 WordPress tagDiv Composer plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows DOM-Based XSS.This issue affects tagDiv Composer: from n/a through = 5.4.2...

CVE-2025-27002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41182)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

CVE-2025-55062

CVE-2025-55062 is described across multiple feeds as CWE-79 Improper Neutralization of Input During Web Page Generation (XSS). The Red Hat and NVD/NVD-derived entries confirm an XSS vulnerability attributed to inadequate input handling. The CNNVD entry references Priority Web as the affected inte...

CVE-2025-68532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...