330 matches found
CVE-2025-53422 WordPress WhatsApp Chat for WordPress and WooCommerce plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeWarriors WhatsApp Chat for WordPress and WooCommerce tw-whatsapp-chat-rotator allows Reflected XSS.This issue affects WhatsApp Chat for WordPress and WooCommerce: from n/a through = 1.2.1...
CVE-2025-53351 WordPress Fidelo Snippet plugin <= 1.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fidelo Software GmbH Fidelo Snippet thebing-snippet allows Reflected XSS.This issue affects Fidelo Snippet: from n/a through = 1.12...
CVE-2025-49962 WordPress bbPress Notify plugin <= 2.19.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict bbPress Notify bbpress-notify-nospam allows Reflected XSS.This issue affects bbPress Notify: from n/a through = 2.19.5...
WordPress plugin Munzir 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress plugin WPLMS 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...
PT-2025-43156
Name of the Vulnerable Software and Affected Versions Calvaweb Password only login versions prior to 0.2 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS condition. This allows for Reflected XSS...
WordPress plugin Uji Countdown 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...
WordPress Plugin Fade Slider 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2025-61456
A Cross-Site Scripting XSS vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the index endpoint. Unsanitized input in the /index parameter is directly reflected back into the response HTML, allowing attackers to execute arbitrary JavaScript in the browser of a user who...
EUVD-2025-33959
HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting XSS where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser, executing the script as if it originated from the trusted...
CVE-2025-41089
CVE-2025-41089 affects Xibo CMS v4.1.2. The vulnerability arises from insufficient validation of user input in the Templates section, specifically when an element with a Configuration Name field (e.g., Clock widget) is modified after creation. The root cause is lack of proper input validation, en...
CVE-2025-59998 Junos Space: Archive Logs screen is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Archive Log screen that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59985
Juniper Junos Space prior to 24.1R4 is affected by CVE-2025-59985 due to improper input neutralization during web page generation on the Purging Policy page, allowing injection of script tags that can execute commands with the target user’s permissions (potentially admin). The issue is a client-f...
EUVD-2017-12243
Malware in sbrugna...
EUVD-2019-8992
Malware in sbrugna...
EUVD-2021-10774
Malware in sbrugna...
EUVD-2019-4901
Malware in sbrugna...
EUVD-2021-10010
Malware in sbrugna...
EUVD-2021-24030
Malware in sbrugna...
EUVD-2019-17219
Malware in sbrugna...