Lucene search
+L

61 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-2940

Malicious code in bioql PyPI...

6.1CVSS6.8AI score0.00503EPSS
Exploits1References4
NVD
NVD
added 2025/06/10 11:15 p.m.6 views

CVE-2025-46910

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 10:18 p.m.11 views

CVE-2025-47113 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.20 views

CVE-2025-27284 WordPress Flagged Content Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in divspark Flagged Content flagged-content allows Reflected XSS.This issue affects Flagged Content: from n/a through = 1.0.2...

7.1CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2025/04/11 8:42 a.m.57 views

CVE-2025-32601

CVE-2025-32601: Twispay Credit Card Payments (WordPress plugin) is affected by a Reflected XSS in input handling during web page generation. Affected version range: up to 2.1.2. CVSS v3.1 base score 7.1 (HIGH); attack vector: Network; user interaction required. Public fix status: Unpatched per av...

7.1CVSS7.2AI score0.00326EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 6:7 a.m.26 views

CVE-2025-30987 WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.16...

6.5CVSS0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.15 views

CVE-2025-23762 WordPress DsgnWrks Twitter Importer plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Sternberg DsgnWrks Twitter Importer dsgnwrks-twitter-importer allows Reflected XSS.This issue affects DsgnWrks Twitter Importer: from n/a through = 1.1.4...

7.1CVSS0.00363EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 3:44 p.m.15 views

CVE-2024-51495 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "overwriteip" parameter when editing a device. This vulnerability results i...

4.8CVSS5.4AI score0.00396EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/10/17 6:7 p.m.6 views

CVE-2024-43997 WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

7.1CVSS6.9AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/01 8:20 p.m.41 views

CVE-2024-47528 LibreNMS Contains a Stored XSS via File Upload

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting XSS can be achieved by uploading a new Background for a Custom Map. Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload...

4.6CVSS0.00388EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.13 views

WordPress My Favorites Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software My Favorites Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37114 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1e94c277c4f6 Credits Jean Tirstan T Required privilege Contribut...

6.5CVSS6.6AI score0.00298EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/17 12:0 a.m.8 views

WordPress Elegant Blocks Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Elegant Blocks Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34769 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7e0e4f032069 Credits 4rCanJ0x! Required privilege Contributor...

6.5CVSS6.6AI score0.00248EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2024/03/18 1:37 a.m.9 views

brasseler.marcant.net Cross Site Scripting vulnerability OBB-3876483

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Prion
Prion
added 2023/10/26 1:15 p.m.29 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

5.8CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Superfast Mailgun for the Newsletter plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Superfast Mailgun for the Newsletter plugin Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05f4a612540e Credits Rafie...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.11 views

WordPress WP Delicious Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Delicious Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f958188390a5 Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/06/23 1:15 p.m.24 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Dream-Theme The7 plugin = 11.6.0 versions...

5.8CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2023/02/12 9:44 a.m.16 views

wws-ceramic.com Cross Site Scripting vulnerability OBB-3192124

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2023/01/23 12:0 a.m.45 views

WordPress Image and Video Lightbox, Image PopUp Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Image and Video Lightbox, Image PopUp Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24004 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4d9c16d4d9c1 Credits...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2023/01/02 10:21 a.m.24 views

web.burnettcounty.org Cross Site Scripting vulnerability OBB-3126911

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder