CVE-2025-52742 WordPress Pets Plugin <= 1.4.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Igor Benic Pets pets allows Reflected XSS.This issue affects Pets: from n/a through = 1.4.1...

CVE-2025-49957 WordPress Email Attachment by Order Status & Products Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Weboccult Technologies Pvt Ltd Email Attachment by Order Status & Products email-attachment-by-order-status-products allows Reflected XSS.This issue affects Email Attachment by Order Status &...

CVE-2025-48097 WordPress WSAnalytics plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shiva WSAnalytics wsanalytics-google-analytics-and-dashboards allows Reflected XSS.This issue affects WSAnalytics: from n/a through = 1.1.2...

PT-2025-43266

Name of the Vulnerable Software and Affected Versions Chibueze Okechukwu SEO Pyramid seo-pyramid versions through 1.9.8 Description The software contains a flaw related to improper input handling during web page creation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for th...

PT-2025-43247

Name of the Vulnerable Software and Affected Versions NickDuncan Nifty Backups versions through 1.08 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting issue. This allows for the injection of...

PT-2025-43159

Name of the Vulnerable Software and Affected Versions Shiva WSAnalytics versions through 1.1.2 Description A flaw exists in Shiva WSAnalytics wsanalytics-google-analytics-and-dashboards that allows for Reflected Cross-site Scripting XSS. This occurs due to improper neutralization of input during...

WordPress plugin UDesign Core 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-43206

Name of the Vulnerable Software and Affected Versions Shortcode Generator versions through 1.1 Description The software contains a flaw related to improper input handling during web page creation, which allows for Reflected Cross-site Scripting XSS. This means that malicious code can be injected...

EUVD-2025-35183

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to version 3.5.1, a reflected cross-site scripting XSS vulnerability was identified in the editarinfopessoal.php endpoint of the WeGIA application. This vulnerability allows attackers to inject...

CVE-2025-61933

A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-31994

HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting XSS where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser, executing the script as if it originated from the trusted...

CVE-2025-59999 Junos Space: API Access Profiles page is vulnerable to reflected cross-site script injection

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the API Access Profiles page that, when visited by another user, enables the attacker to execute commands with the target...

CVE-2025-59994

CVE-2025-59994 affects Juniper Junos Space prior to 24.1R4, with an XSS flaw in the Quick Template page due to improper input neutralization during web page generation. An attacker can inject scripts that, when viewed by another user, may execute commands with the target’s permissions (including ...

CVE-2025-59993

CVE-2025-59993 affects Juniper Networks Junos Space before version 24.1R4. The issue is an XSS vulnerability in the Space Node Setting fields (and related pages) where improper input neutralization allows injection of script tags, enabling an attacker to run commands with the target user’s privil...

CVE-2025-59982

CVE-2025-59982 affects Juniper Networks Junos Space prior to 24.1R4. Affected component: web page generation for the dashboard/search input. Root cause: improper input neutralization allows cross-site scripting (reflected) that can inject script tags; when visited by another user, it can execute ...

CVE-2025-59981

CVE-2025-59981 corresponds to a Cross-site Scripting (XSS) flaw in Juniper Networks Junos Space prior to version 24.1R4. The issue arises from improper input neutralization during web page generation on the Device Template Definition page, allowing an attacker to inject script tags that, when vie...

CVE-2025-11204 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.0.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

Linux Distros Unpatched Vulnerability : CVE-2025-11146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected Cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts XSS in the web management...

EUVD-2024-42362

Malicious code in bioql PyPI...

EUVD-2024-40619

Malicious code in bioql PyPI...