Lucene search
K

19 matches found

Vulnrichment
Vulnrichment
added 2025/04/16 5:13 p.m.23 views

CVE-2025-22872 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5AI score0.0045EPSS
Exploits0References4
CVE
CVE
added 2024/12/02 1:49 p.m.47 views

CVE-2024-52465

CVE-2024-52465 is a WordPress LGPD Framework (Data443) vulnerability: Reflected XSS due to improper input neutralization during web page generation. Affected versions are LGPD Framework: n/a through 2.0.2. Public sources (NVD, Red Hat, CIRCL, Patchstack) agree on a Reflected XSS issue with CVSS v...

7.1CVSS7.2AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.14 views

CVE-2024-51842

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sazzad Image Carousel Shortcode image-carousel-shortcode allows DOM-Based XSS.This issue affects Image Carousel Shortcode: from n/a through = 1.2...

6.5CVSS0.00374EPSS
Exploits0References1
NVD
NVD
added 2024/11/18 10:15 p.m.53 views

CVE-2024-52345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RobertoAlicata raqrcode ra-qrcode allows Stored XSS.This issue affects raqrcode: from n/a through = 2.1.0...

6.5CVSS0.00231EPSS
Exploits0References1
NVD
NVD
added 2024/11/09 1:15 p.m.8 views

CVE-2024-51693

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in labdav Search order by product SKU for WooCommerce search-order-by-product-sku-for-woocommerce allows Reflected XSS.This issue affects Search order by product SKU for WooCommerce: from n/a through ...

7.1CVSS0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/17 6:7 p.m.6 views

CVE-2024-43997 WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

7.1CVSS6.9AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 2024/10/06 11:15 a.m.23 views

CVE-2024-47347

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Chartify chart-builder allows Reflected XSS.This issue affects Chartify: from n/a through = 2.7.6...

7.1CVSS0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/06 10:26 a.m.57 views

CVE-2024-47349 WordPress WPMobile.App plugin <= 11.50 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.50...

7.1CVSS0.0029EPSS
Exploits0References1
CVE
CVE
added 2024/07/21 7:9 a.m.58 views

CVE-2024-37523

The CVE-2024-37523 issue targets the AMP-MODE Login Logo Editor with Stored XSS due to improper input handling. Affected: Login Logo Editor versions up to 1.3.3. Root cause: improper neutralization of input during web page generation. Exploitation specifics are not provided in the core documents;...

5.9CVSS5.8AI score0.00274EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/07/20 7:53 a.m.44 views

CVE-2024-38675

CVE-2024-38675 is an Arkhe Blocks (WordPress) vulnerability: improper input neutralization enabling Stored XSS in Arkhe Blocks versions up to 2.22.1. Exploitation details are not provided in the sources; remediation/fix version is not clearly stated. Patch status in the materials is not definitiv...

6.5CVSS6.5AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2024/03/27 7:15 a.m.20 views

CVE-2024-30193

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.17...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/17 4:27 p.m.32 views

CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

7.1CVSS7.2AI score0.0037EPSS
Exploits0References1
NVD
NVD
added 2024/01/08 5:15 p.m.26 views

CVE-2024-21744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

6.5CVSS6.4AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2023/12/28 11:15 a.m.16 views

CVE-2023-50860

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n/a through 1.0.85...

6.5CVSS0.00325EPSS
Exploits0References1
Prion
Prion
added 2023/12/15 3:15 p.m.31 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat: from n/a through 1.1.1...

4.9CVSS6.9AI score0.00374EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/11/30 12:15 p.m.25 views

CVE-2023-47850

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User...

6.5CVSS0.00385EPSS
Exploits0References1
NVD
NVD
added 2023/05/10 8:15 p.m.19 views

CVE-2023-31154

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

5.4CVSS5.2AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2021/12/26 12:15 p.m.21 views

CVE-2021-4169

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS0.00948EPSS
Exploits1References2
NVD
NVD
added 2021/12/01 11:15 a.m.32 views

CVE-2021-3994

django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

9.6CVSS0.01354EPSS
Exploits1References2
Rows per page
Query Builder