WordPress Plugin TheGem Theme Elements for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

CVE-2026-39702 WordPress Animation Addons for Elementor plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows DOM-Based XSS.This issue affects Animation Addons for Elementor: from n/a through = 2.6.1...

CVE-2026-32356

CVE-2026-32356 affects the WordPress Robo Gallery plugin (

WordPress plugin terms description: Security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There was a...

WordPress plugin Tutor LMS BunnyNet Integration: Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-69360

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for WPBakery thegem-elements allows DOM-Based XSS.This issue affects TheGem Theme Elements for WPBakery: from n/a through = 5.11.0...

CVE-2025-62097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in seothemes SEO Slider seo-slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through = 1.1.1...

CVE-2025-66103 WordPress WPCal.io plugin <= 0.9.5.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in revmakx WPCal.io wpcal allows DOM-Based XSS.This issue affects WPCal.io: from n/a through = 0.9.5.9...

CVE-2025-69019 WordPress FlippingBook plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FlippingBook FlippingBook flippingbook allows DOM-Based XSS.This issue affects FlippingBook: from n/a through = 2.0.1...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is enterprise-grade content management software CMS from Adobe for building, managing, and deploying digital experiences such as websites, mobile apps, digital assets, and forms. Adobe Experience Manager suffers from a cross-site scripting vulnerability that stems from a...

CVE-2025-67552 WordPress Walker Core plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WalkerWP Walker Core walker-core allows DOM-Based XSS.This issue affects Walker Core: from n/a through = 1.3.17...

CVE-2025-67553

CVE-2025-67553 affects the WordPress Advanced FAQ Manager plugin (versions

PT-2025-50046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows DOM-Based XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

EUVD-2017-4655

Malware in sbrugna...

EUVD-2023-55790

Malicious code in bioql PyPI...

PT-2025-38940

Name of the Vulnerable Software and Affected Versions PlayerJS versions through 2.24 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for potential malicious code execution with...

CVE-2024-51841

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdul Awal Uzzal File Select Control For Elementor file-select-control-for-elementor allows DOM-Based XSS.This issue affects File Select Control For Elementor: from n/a through = 1.3...

CVE-2024-50547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through = 1.0.16...

CVE-2021-23027

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user...

CVE-2025-46483

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...