19 matches found
CVE-2025-22872 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
CVE-2024-52465
CVE-2024-52465 is a WordPress LGPD Framework (Data443) vulnerability: Reflected XSS due to improper input neutralization during web page generation. Affected versions are LGPD Framework: n/a through 2.0.2. Public sources (NVD, Red Hat, CIRCL, Patchstack) agree on a Reflected XSS issue with CVSS v...
CVE-2024-51842
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sazzad Image Carousel Shortcode image-carousel-shortcode allows DOM-Based XSS.This issue affects Image Carousel Shortcode: from n/a through = 1.2...
CVE-2024-52345
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RobertoAlicata raqrcode ra-qrcode allows Stored XSS.This issue affects raqrcode: from n/a through = 2.1.0...
CVE-2024-51693
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in labdav Search order by product SKU for WooCommerce search-order-by-product-sku-for-woocommerce allows Reflected XSS.This issue affects Search order by product SKU for WooCommerce: from n/a through ...
CVE-2024-43997 WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...
CVE-2024-47347
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Chartify chart-builder allows Reflected XSS.This issue affects Chartify: from n/a through = 2.7.6...
CVE-2024-47349 WordPress WPMobile.App plugin <= 11.50 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.50...
CVE-2024-37523
The CVE-2024-37523 issue targets the AMP-MODE Login Logo Editor with Stored XSS due to improper input handling. Affected: Login Logo Editor versions up to 1.3.3. Root cause: improper neutralization of input during web page generation. Exploitation specifics are not provided in the core documents;...
CVE-2024-38675
CVE-2024-38675 is an Arkhe Blocks (WordPress) vulnerability: improper input neutralization enabling Stored XSS in Arkhe Blocks versions up to 2.22.1. Exploitation details are not provided in the sources; remediation/fix version is not clearly stated. Patch status in the materials is not definitiv...
CVE-2024-30193
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.17...
CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...
CVE-2024-21744
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2023-50860
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n/a through 1.0.85...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat: from n/a through 1.1.1...
CVE-2023-47850
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User...
CVE-2023-31154
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2021-4169
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-3994
django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...