CVE-2026-25417 WordPress ProfileGrid plugin <= 5.9.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through = 5.9.8.1...

CVE-2026-25350

CVE-2026-25350 is a Reflected XSS vulnerability in the Miti WordPress theme (Miti miti) affecting versions

CVE-2026-24983 WordPress UpSolution Core plugin <= 8.41 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through = 8.41...

CVE-2025-69296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhostPool Aardvark aardvark allows Reflected XSS.This issue affects Aardvark: from n/a through = 4.6.3...

CVE-2025-67923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...

CVE-2025-2204

Technical details about CVE-2025-2204 are not publicly available in the provided documents. Monitor for updates.

CVE-2025-23696

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronan Mockett Staging CDN staging-cdn allows Reflected XSS.This issue affects Staging CDN: from n/a through = 1.0.0...

CVE-2025-23838

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rally Vincent Bauernregeln bauernregeln allows Reflected XSS.This issue affects Bauernregeln: from n/a through = 1.0.1...

CVE-2025-23635

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mobde3net ePermissions epermissions allows Reflected XSS.This issue affects ePermissions: from n/a through = 1.2...

CVE-2022-0121

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hoppscotch hoppscotch/hoppscotch.This issue affects hoppscotch/hoppscotch before 2.1.1...

CVE-2025-52739

CVE-2025-52739 affects WordPress Sala theme versions up to 1.1.3. The root cause is improper neutralization of input during web page generation, enabling Reflected XSS. Impact described in multiple feeds: reflected XSS affecting Sala from n/a through 1.1.3 with published CVSS 3.1 vector (AV:N/AC:...

PT-2025-51458

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNectar Salient Portfolio salient-portfolio allows Stored XSS.This issue affects Salient Portfolio: from n/a through = 1.8.2...

CVE-2025-63050

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sizam REHub Framework rehub-framework allows Stored XSS.This issue affects REHub Framework: from n/a through 19.9.9.7...

CVE-2025-53234

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS.This issue affects UDesign Core: from n/a through = 4.14.0...

Mediawiki - Skin:BlueSky 安全漏洞

Mediawiki - Skin:BlueSky is an open source appearance plugin for Mediawiki. A security vulnerability exists in Mediawiki - Skin:BlueSky versions prior to 1.39, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

PT-2025-41438

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An issue exists in Juniper Networks Junos Space that allows an attacker to inject script tags into the Template Definitions page. When another user visits this page, the attacke...

Juniper Networks Junos Space 跨站脚本漏洞

Juniper Networks Junos Space is a suite of network management solutions from Juniper Networks, Inc. The solution supports automated configuration, monitoring, and troubleshooting of devices and services throughout their lifecycle. A cross-site scripting vulnerability exists in Juniper Networks...

EUVD-2025-5716

Malicious code in bioql PyPI...

EUVD-2025-3335

Malicious code in bioql PyPI...

EUVD-2025-2681

Malicious code in bioql PyPI...