Lucene search
K

1193 matches found

NVD
NVD
added 4 hours ago2 views

CVE-2026-57706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dokan, Inc. Dokan dokan-lite allows Reflected XSS.This issue affects Dokan: from n/a through = 5.0.6...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 5 hours ago3 views

CVE-2026-59516 WordPress ICS Calendar plugin <= 12.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Reflected XSS.This issue affects ICS Calendar: from n/a through = 12.1.1...

7.1CVSS
Exploits0References1
CVE
CVE
added 5 hours ago5 views

CVE-2026-57708

Affected product/versions: WordPress WordPress plugin “Contact Form Entries” (contact-form-entries)

7.1CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 5 hours ago2 views

CVE-2026-57734 WordPress tagDiv Composer plugin <= 5.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 5 hours ago2 views

CVE-2026-57394 WordPress Newsletters plugin <= 4.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through = 4.14...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 5 hours ago2 views

CVE-2026-57369 WordPress Themify Builder plugin <= 7.7.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Builder themify-builder allows Reflected XSS.This issue affects Themify Builder: from n/a through = 7.7.4...

7.1CVSS
Exploits0References1
Nuclei
Nuclei
added 10 hours ago67 views

Knowage Suite 7.3 - Cross-Site Scripting

Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...

6.1CVSS6.5AI score0.02721EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago20 views

KodExplorer - Cross-Site Scripting

KodExplorer is susceptible to a reflected cross-site scripting XSS vulnerability in the file view functionality.The vulnerability exists in app/template/api/view.html where user-supplied input in the 'path' parameter is directly echoed without proper sanitization.This allows attackers to inject...

6.1CVSS6.4AI score0.00705EPSS
Exploits0References2
CVE
CVE
added 4 days ago11 views

CVE-2026-5793

BiEticaret (Inrove Software and Internet Services) contains a reflected XSS due to improper input neutralization during web page generation. Affected: BiEticaret prior to v3.3.57. CVSSv3.1 metrics indicate Network attack vector, Low attack complexity, Privileges None, User Interaction Required, C...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:58 a.m.7 views

EUVD-2026-41527

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows Reflected XSS. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-50040

Storage Concentrator SC & SCVM is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker can craft a malicious URL that, when visited by an authenticated user, causes arbitrary script content to execute within the victim's browser...

6.1CVSS0.00236EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/30 1:28 p.m.5 views

WordPress LMS theme <= 9.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme LMS versions = 9.7...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/23 12:15 p.m.38 views

CVE-2026-10857 Reflected XSS in Akinsoft's e-Commerce

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. E-Commerce allows Reflected XSS. This issue affects e-Commerce: before 1.25.01.06...

6.1CVSS0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48405

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...

7.1CVSS5.4AI score0.00342EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/06/09 3:41 a.m.9 views

CVE-2026-11603 Product Filter Widget for Elementor <= 1.0.6 - Reflected Cross-Site Scripting via 'args[filterFormArray]' Parameter

The Product Filter Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via 'argsfilterFormArray' Parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.7AI score0.00205EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.13 views

CVE-2026-6696

The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'firstname', 'lastname', and 'phone' parameters on the plugin's sign-up admin page in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output...

6.1CVSS5.7AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-42681

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...

7.1CVSS5.4AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 6:3 a.m.48 views

CVE-2026-21825 HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center

HCL Digital Experience Compose is affected by a reflected cross-site scripting XSS vulnerability in the search center. An attacker could execute arbitrary JavaScript in the victim's browser...

6.1CVSS0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.23 views

PT-2026-46963

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliative lte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptid key parameter lines 26, 42 in...

5.6AI score0.00199EPSS
Exploits1References3
NVD
NVD
added 2026/06/03 9:16 a.m.17 views

CVE-2025-15654

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fox-themes Prague allows Reflected XSS. This issue affects Prague: from n/a through 2.2.8...

7.1CVSS0.00146EPSS
Exploits0References1
Rows per page
Query Builder