KodExplorer - Cross-Site Scripting

KodExplorer is susceptible to a reflected cross-site scripting XSS vulnerability in the file view functionality.The vulnerability exists in app/template/api/view.html where user-supplied input in the 'path' parameter is directly echoed without proper sanitization.This allows attackers to inject...

CVE-2025-23787

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Foxskav Easy Bet easy-bet allows Reflected XSS.This issue affects Easy Bet: from n/a through = 1.0.7...

EUVD-2022-45423

Malicious code in bioql PyPI...

EUVD-2025-8521

Malicious code in bioql PyPI...

EUVD-2022-24893

Malicious code in bioql PyPI...

EUVD-2024-30346

Malicious code in bioql PyPI...

CVE-2025-49057 WordPress WP Voting Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ko Min WP Voting allows Reflected XSS. This issue affects WP Voting: from n/a through 1.8...

CVE-2025-53820 WeGIA vulnerable to Cross-Site Scripting (XSS) Reflected via endpoint 'index.php' parameter 'erro'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the index.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...

CVE-2025-52796

CVE-2025-52796 describes a Cross-Site Scripting (XSS) vulnerability in WordPress WP-Recall (versions up to 16.26.14). Root cause: improper input neutralization during web page generation. Affected software: WP-Recall

CVE-2025-48241

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soft8Soft LLC Verge3D verge3d allows Reflected XSS.This issue affects Verge3D: from n/a through = 4.9.3...

CVE-2023-36484

ILIAS 7.21 and 8.0beta1 through 8.2 is vulnerable to reflected Cross-Site Scripting XSS...

PT-2025-22009 · Unknown · Ghostwriter

Name of the Vulnerable Software and Affected Versions: Ghostwriter versions n/a through 1.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject...

CVE-2025-21572

CVE-2025-21572 affects OpenGrok 1.13.25. The vulnerability is a reflected Cross-Site Scripting (XSS) in the history view page caused by improper handling of path segments, resulting in unsanitized user input being reflected in HTML output. Reported impact per CVSS: MEDIUM (6.1), with network atta...

CVE-2025-46350 Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability...

CVE-2025-39519 WordPress Bulk Page Stub Creator plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in runthings.dev Bulk Page Stub Creator bulk-page-stub-creator allows Reflected XSS.This issue affects Bulk Page Stub Creator: from n/a through = 1.1...

CVE-2025-22796 WordPress WP-Asambleas Plugin <= 2.85.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in platcom WP-Asambleas wp-asambleas allows Reflected XSS.This issue affects WP-Asambleas: from n/a through = 2.85.0...

CVE-2025-31028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Huseyin Berberoglu WP Hide Categories wp-hide-categories allows Reflected XSS.This issue affects WP Hide Categories: from n/a through = 1.0...

PT-2025-16079 · WordPress · Wp Table Builder

Name of the Vulnerable Software and Affected Versions: WP Table Builder versions 2.0.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For WP Table...

CVE-2025-31389 WordPress Sequel plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sequel.Io Sequel allows Reflected XSS.This issue affects Sequel: from n/a through 1.0.11...

CVE-2025-28882

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Omnify, Inc. Omnify omnify-widget allows Reflected XSS.This issue affects Omnify: from n/a through = 2.0.3...