Lucene search
+L

859 matches found

cnnvd
cnnvd
added 2026/01/14 12:0 a.m.6 views

Drupal Flag 安全漏洞

Drupal Flag is a markup creation module for the Drupal community. A security vulnerability exists in Drupal Flag versions 7.X-3.0 through 7.X-3.9, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

5.4CVSS6AI score0.00175EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/01/10 5:41 a.m.4 views

CVE-2025-68867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anibalwainstein Effect Maker effect-maker allows DOM-Based XSS.This issue affects Effect Maker: from n/a through = 1.2.1...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:17 a.m.6 views

CVE-2025-23947

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through = 2.6.1...

6.5CVSS7.2AI score0.0022EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:5 a.m.7 views

CVE-2024-34805

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Webvitaly iFrame allows Stored XSS.This issue affects iFrame: from n/a through 5.0...

6.5CVSS6.7AI score0.0026EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:4 a.m.8 views

CVE-2024-39665

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2...

6.5CVSS6AI score0.00289EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:48 a.m.5 views

CVE-2025-23461

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xkollsoftware Social2Blog social2blog allows Reflected XSS.This issue affects Social2Blog: from n/a through = 0.2.990...

7.1CVSS7.2AI score0.00222EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:46 a.m.7 views

CVE-2025-23679

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through = 1.0.0...

7.1CVSS7.2AI score0.0036EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:39 a.m.12 views

CVE-2022-35851

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting XSS attack via configuring a specially crafted IP Address...

8CVSS5.5AI score0.00448EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/01/08 12:0 a.m.5 views

WordPress plugin WP App Bar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/01/08 12:0 a.m.5 views

WordPress plugin Famous 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/01/08 12:0 a.m.14 views

PT-2026-2195

Name of the Vulnerable Software and Affected Versions pencilwp X Addons for Elementor versions through 1.0.23 Description An issue exists in pencilwp X Addons for Elementor that allows for DOM-Based Cross-site Scripting XSS. This is due to improper neutralization of input during web page...

6.5CVSS6.6AI score0.00175EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/01/08 12:0 a.m.5 views

PT-2026-1926

Name of the Vulnerable Software and Affected Versions WP-BusinessDirectory versions through 3.1.5 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. This allows for the injection of...

7.1CVSS6.1AI score0.00194EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/01/07 12:0 a.m.9 views

PT-2026-1653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...

7.1CVSS6.4AI score0.00146EPSS
Exploits0References2
osv
osv
added 2026/01/06 9:15 p.m.7 views

CVE-2025-13744

An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...

5.4CVSS5.7AI score0.00182EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/01/05 12:0 a.m.7 views

PT-2026-1281

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

6.5CVSS6.4AI score0.00135EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/01/01 12:17 p.m.8 views

CVE-2025-62752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/01 12:17 p.m.10 views

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

6.5CVSS5.9AI score0.00173EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/01 9:12 a.m.8 views

CVE-2025-62759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through = 2.0.1...

6.5CVSS5.9AI score0.00141EPSS
Exploits0References1
euvd
euvd
added 2025/12/31 9:30 p.m.4 views

EUVD-2025-206070

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References2
euvd
euvd
added 2025/12/31 11:53 a.m.5 views

EUVD-2025-205920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

6.5CVSS5.9AI score0.00173EPSS
Exploits0References2
Rows per page
Query Builder