CVE-2025-23840

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjema WP-NOTCAPTCHA wp-notcaptcha allows Reflected XSS.This issue affects WP-NOTCAPTCHA: from n/a through = 1.3.1...

EUVD-2012-5751

Malware in sbrugna...

EUVD-2017-11830

Malware in sbrugna...

EUVD-2024-48029

Malicious code in bioql PyPI...

CVE-2025-31638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeton Spare allows Reflected XSS. This issue affects Spare: from n/a through 1.7...

CVE-2018-20141

AbanteCart 1.2.12 has reflected cross-site scripting XSS via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring...

CVE-2025-43836

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in confuzzledduck Syndicate Out syndicate-out allows Reflected XSS.This issue affects Syndicate Out: from n/a through = 0.9...

CVE-2025-4647

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can bypass sanitization measures by replacing the content of an existing SVG. This issue affects web: from 24.10.0 before...

Cross-Site Scripting (XSS)

yeswiki/yeswiki is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient input sanitization of the idformulaire parameter on the /?BazaR endpoint, which allows attackers to perform reflected cross-site scripting attacks to steal session cookies, hijack user sessions,...

GHSA-GGQX-43H2-55JP Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting

Summary Vulnerable Version: Yeswiki alert1 Details Reflected Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in...

CVE-2025-26954

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 1pluginjquery ZooEffect 1-jquery-photo-gallery-slideshow-flash allows Reflected XSS.This issue affects ZooEffect: from n/a through = 1.11...

CVE-2024-13598 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. Using a functionality of creating new form fields one creates new parameters vulnerable to XSS attacks. A user tricked into filling such a form with a malicious script will run th...

CVE-2024-10088 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a login form with a malicious script, what causes the script to run in user's context. This vulnerability has been patched in...

CVE-2025-31384

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5...

CVE-2025-31384

CVE-2025-31384 affects the Aviplugins Videos WordPress plugin, with an issue described as Improper Neutralization of Script-Related HTML Tags in a Web Page (Reflected XSS) affecting Versions up to 1.0.5. The vulnerability is exploitable via network vector and requires user interaction; CVSS 3.1 b...

CVE-2025-31436

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Angelo Mandato Blubrry PowerPress Podcasting plugin MultiSite add-on powerpress-multisite allows Reflected XSS.This issue affects Blubrry PowerPress Podcasting plugin MultiSite add-on: from n/a...

CVE-2025-30858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Snow Storm snow-storm allows Reflected XSS.This issue affects Snow Storm: from n/a through = 1.4.6...

CVE-2025-31462 WordPress CGM Event Calendar <= 0.8.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rzfarrell CGM Event Calendar allows Reflected XSS. This issue affects CGM Event Calendar: from n/a through 0.8.5...

CVE-2025-31801 WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through = 5.1.1...

WordPress plugin Google Plus 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...