330 matches found
CVE-2025-66102
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FolioVision FV Antispam fv-antispam allows Reflected XSS.This issue affects FV Antispam: from n/a through = 2.7...
CVE-2025-57897
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in venusweb Logtik logtik allows Reflected XSS.This issue affects Logtik: from n/a through = 2.3...
CVE-2025-64372 WordPress Traveler theme < 3.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through 3.2.6...
PT-2025-52168
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows Reflected XSS.This issue affects Reservation Plugin: from n/a through = 1.6...
WordPress plugin Mailster 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-13072
The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
PT-2025-49974
Name of the Vulnerable Software and Affected Versions TalentSoft UNIS versions prior to 42957 Description The software contains a Reflected Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into we...
CVE-2024-14015
CVE-2024-14015 affects Studiocart (WordPress eCommerce Plugin) up to version 2.9.0, where insufficient sanitisation/escaping of a parameter leads to Reflected XSS in output. The vulnerability could target high-privilege users such as admins. Connected sources do not provide a confirmed fixed vers...
CVE-2025-54722
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ex-Themes WooTour woo-tour allows Reflected XSS.This issue affects WooTour: from n/a through = 3.6.3...
CVE-2025-12471
CVE-2025-12471 (Hubbub Lite) : WordPress Hubbub Lite plugin versions up to and including 1.36.0 are vulnerable to Reflected Cross-Site Scripting via the dpsp_list_attention_search parameter due to insufficient input sanitization and output escaping. The vulnerability can be exploited by unauthent...
WordPress plugin Booking and Rental Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
📄 Hop.bg Cross Site Scripting
Hop.bg appears to suffer from a cross site scripting vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the vendor and they have not addressed the issue, putting their users at risk, so this is being...
CVE-2025-52743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik-privacy-policy oik-privacy-policy allows Reflected XSS.This issue affects oik-privacy-policy: from n/a through = 1.4.10...
CVE-2025-58916
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
EUVD-2025-35442
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themebon Easy Woocommerce Customizer easy-woocommerce-customizer allows Reflected XSS.This issue affects Easy Woocommerce Customizer: from n/a through = 1.0.2...
EUVD-2025-35472
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kamleshyadav RockON DJ rockon allows Reflected XSS.This issue affects RockON DJ: from n/a through = 3.3...
EUVD-2025-35513
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a through = 2.5.4...
EUVD-2025-35517
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jonatan Jumbert WPCode Content Ratio wpcode-content-ratio allows Reflected XSS.This issue affects WPCode Content Ratio: from n/a through = 2.0...
CVE-2025-52734
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ERA404 CropRefine croprefine allows Reflected XSS.This issue affects CropRefine: from n/a through = 1.2.1...
CVE-2025-53427
CVE-2025-53427: WordPress SEO Pyramid plugin