859 matches found
Drupal Flag 安全漏洞
Drupal Flag is a markup creation module for the Drupal community. A security vulnerability exists in Drupal Flag versions 7.X-3.0 through 7.X-3.9, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...
CVE-2025-68867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anibalwainstein Effect Maker effect-maker allows DOM-Based XSS.This issue affects Effect Maker: from n/a through = 1.2.1...
CVE-2025-23947
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...
CVE-2024-34805
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Webvitaly iFrame allows Stored XSS.This issue affects iFrame: from n/a through 5.0...
CVE-2024-39665
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2...
CVE-2025-23461
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xkollsoftware Social2Blog social2blog allows Reflected XSS.This issue affects Social2Blog: from n/a through = 0.2.990...
CVE-2025-23679
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through = 1.0.0...
CVE-2022-35851
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting XSS attack via configuring a specially crafted IP Address...
WordPress plugin WP App Bar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin Famous 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-2195
Name of the Vulnerable Software and Affected Versions pencilwp X Addons for Elementor versions through 1.0.23 Description An issue exists in pencilwp X Addons for Elementor that allows for DOM-Based Cross-site Scripting XSS. This is due to improper neutralization of input during web page...
PT-2026-1926
Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...
PT-2026-1653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...
CVE-2025-13744
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...
PT-2026-1281
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...
CVE-2025-62752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...
CVE-2025-62757
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...
CVE-2025-62759
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through = 2.0.1...
EUVD-2025-206070
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0...
EUVD-2025-205920
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...