Lucene search
+L

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.7 views

CVE-2021-22503

Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000...

6.1CVSS7AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24776

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00217EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:13 p.m.313 views

CVE-2025-22872

CVE-2025-22872 involves the HTML tokenizer and related parsing logic where unquoted attribute values ending with a slash (/) are misinterpreted as self-closing tags. This only affects tags in foreign content (e.g., , ) and can cause incorrect DOM scope during parsing when using the Tokenizer dire...

6.5CVSS6.5AI score0.00478EPSS
Exploits0References5
NVD
NVD
added 2024/12/13 3:15 p.m.7 views

CVE-2024-54335

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ImmoSoft ImmoToolBox Connect immotoolbox-connect allows Reflected XSS.This issue affects ImmoToolBox Connect: from n/a through = 1.3.3...

7.1CVSS0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:49 p.m.42 views

CVE-2024-51900

CVE-2024-51900 is a stored XSS in the WordPress plugin What Would Seth Godin Do (versions

5.9CVSS7.2AI score0.00291EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.41 views

CVE-2024-52492

CVE-2024-52492 details a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Image horizontal reel scroll slideshow (versions

5.9CVSS7.2AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.40 views

CVE-2024-53759

CVE-2024-53759 refers to a CSRF to Stored Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin “ArCa Payment Gateway” (versions 1.3.1 and earlier). The issue arises from improper input neutralization during web page generation, enabling stored XSS. Affected software is the ArCa Paymen...

7.1CVSS7.2AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/11/09 1:11 p.m.62 views

CVE-2024-51663

CVE-2024-51663 is an XSS vulnerability in the WordPress plugin Bricksable for Bricks Builder (affected: Bricksable for Bricks Builder,

5.9CVSS5.9AI score0.00263EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/11/04 3:15 p.m.11 views

CVE-2024-51682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through = 1.3.0...

6.5CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2024/11/04 2:12 p.m.51 views

CVE-2024-51682

CVE-2024-51682 is a stored XSS in HasThemes HT Builder – WordPress Theme Builder for Elementor (HT Builder) up to version 1.3.0. The vulnerability arises from improper input neutralization during web page generation, allowing stored XSS. Patchstack indicates fixed in 1.3.1; Red Hat/ENISA referenc...

6.5CVSS5.9AI score0.00233EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/29 11:59 a.m.24 views

CVE-2024-49651 WordPress WooCommerce Maintenance Mode plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt Royal WooCommerce Maintenance Mode woocommerce-maintenance-mode allows Reflected XSS.This issue affects WooCommerce Maintenance Mode: from n/a through = 2.0.1...

7.1CVSS0.00281EPSS
Exploits0References1
NVD
NVD
added 2024/10/28 6:15 p.m.14 views

CVE-2024-50445

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in merkulove Selection Lite selection-lite allows Stored XSS.This issue affects Selection Lite: from n/a through = 1.13...

6.5CVSS0.00254EPSS
Exploits0References1
NVD
NVD
added 2024/10/11 7:15 p.m.23 views

CVE-2024-48041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through = 4.3.9...

6.5CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/05 12:47 a.m.24 views

CVE-2024-47847 Various XSSes found in Cargo

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting XSS.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

6.9CVSS0.00387EPSS
Exploits1References6
NVD
NVD
added 2024/09/18 12:15 a.m.16 views

CVE-2024-43988

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in digitalnature Mystique allows Stored XSS.This issue affects Mystique: from n/a through 2.5.7...

6.5CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2024/08/01 10:32 p.m.59 views

CVE-2024-39626

CVE-2024-39626 affects WordPress Pretty Simple Popup Builder; Stored XSS due to Improper Neutralization of Input During Web Page Generation. Affected: plugin Pretty Simple Popup Builder

5.9CVSS5.9AI score0.0026EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/07/20 8:57 a.m.66 views

CVE-2024-37922

CVE-2024-37922 is a Stored XSS in Leap13 Premium Addons for Elementor (WordPress) affecting Premium Addons for Elementor up to version 4.10.34. The underlying issue is improper neutralization of input during web page generation. A patch exists (update to a version later than 4.10.34); apply the f...

6.5CVSS5.9AI score0.00263EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/04/29 5:15 a.m.11 views

CVE-2024-33640

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/a through 1.7.2...

6.5CVSS6.4AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2024/03/13 4:15 p.m.27 views

CVE-2024-25097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a through 2.8.0...

6.5CVSS6.4AI score0.00419EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/17 4:21 a.m.34 views

Improper Neutralization of Input During Web Page Generation in Direct Web Remoting

Cross-site scripting XSS vulnerability in Direct Web Remoting DWR through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01148EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder