WordPress plugin wp-notcaptcha 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2025-23650

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in razvypp Tidy.ro tidyro allows Reflected XSS.This issue affects Tidy.ro: from n/a through = 1.3...

PT-2025-7015 · Unknown · Michelem Nofollow Free

Name of the Vulnerable Software and Affected Versions: michelem NoFollow Free versions 1.6.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For versions...

PT-2025-7028 · Fatcat Apps · Analytics Cat

Name of the Vulnerable Software and Affected Versions: fatcatapps Analytics Cat versions 1.1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers...

CVE-2024-27992

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Whisper Link Whisper Free allows Reflected XSS.This issue affects Link Whisper Free: from n/a through 0.6.8...

CVE-2024-27987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through = 3.3.1...

CVE-2024-31110

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Katz Web Services, Inc. Contact Form 7 Newsletter allows Reflected XSS.This issue affects Contact Form 7 Newsletter: from n/a through 2.2...

WordPress plugin JustRows free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-4962 · Unknown · Notifikácie.Sk

Name of the Vulnerable Software and Affected Versions: Notifikácie.sk versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. Specifically, it is a Reflected XSS vulnerability. This means th...

PT-2025-5386 · Unknown · Skt Donation

Name of the Vulnerable Software and Affected Versions: SKT Donation versions 1.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject...

PT-2025-5171 · Unknown · Notfound Custom Page Extensions

Name of the Vulnerable Software and Affected Versions: NotFound Custom Page Extensions versions 0.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables attackers ...

CVE-2025-23540 WordPress WP Front-end login and register plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin khan WP Front-end login and register allows Reflected XSS. This issue affects WP Front-end login and register: from n/a through 2.1.0...

PT-2025-1591 · Uyumsoft · Uyumsoft Erp

Name of the Vulnerable Software and Affected Versions: Uyumsoft ERP versions prior to Erp4.2109.166p45 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for XSS using invalid characters and Reflect...

CVE-2024-26156 ETIC Telecom Remote Access Server (RAS) Cross-site Scripting

All versions of ETIC Telecom Remote Access Server RAS prior to 4.5.0 are vulnerable to reflected cross site scripting XSS attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its response to the client...

CVE-2024-35280

A improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiDeceptor 5.3.0, FortiDeceptor 5.2.0, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions, FortiDeceptor 4.3 all versions, FortiDeceptor 4.2 all versions, FortiDeceptor 4....

CVE-2025-23036 Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_funcionario.php' parameter 'msg_e' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the precadastrofuncionario.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious...

CVE-2025-22617 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_socio.php' parameter 'socio'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the editarsocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in t...

PT-2025-4556 · Unknown · Trustist Reviewer

The vulnerable software is TRUSTist REVIEWer, a product from trustist. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting' XSS, which allows Reflected XSS. This issue affects TRUSTist REVIEWer versions from n/a through 2.0. The...

PT-2025-3167 · Unknown · Markyis Cool Olivia

Name of the Vulnerable Software and Affected Versions: Markyis Cool Olivia versions 0.9.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

PT-2024-36180 · Revi.Io · Revi.Io

Name of the Vulnerable Software and Affected Versions: Revi.io versions n/a through 5.7.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For versions n/a through...