CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SysBasics Shortcode For Elementor Templates allows Stored XSS.This issue affects Shortcode For Elementor Templates: from n/a through 1.0.0...

6.5CVSS5.2AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:26 a.m.•6 views

CVE-2024-10837

The SysBasics Customize My Account for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 2.7.29 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS6.4AI score0.02566EPSS

Exploits0References1

RedhatCVE•added 2025/02/16 1:20 p.m.•4 views

CVE-2025-24592

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SysBasics Customize My Account for WooCommerce customize-my-account-for-woocommerce allows Reflected XSS.This issue affects Customize My Account for WooCommerce: from n/a through = 2.8.22...

7.1CVSS5.9AI score0.00131EPSS

Exploits0References1

NVD•added 2025/02/14 1:15 p.m.•6 views

CVE-2025-24592

7.1CVSS0.00131EPSS

Exploits0References1

Cvelist•added 2025/02/14 12:44 p.m.•11 views

CVE-2025-24592 WordPress SysBasics Customize My Account for WooCommerce plugin <= 2.8.22 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00131EPSS

Exploits0References1

Vulnrichment•added 2025/02/14 12:44 p.m.•12 views

CVE-2025-24592 WordPress SysBasics Customize My Account for WooCommerce plugin <= 2.8.22 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.9AI score0.00131EPSS

Exploits0References1

CVE•added 2025/02/14 12:44 p.m.•59 views

CVE-2025-24592

The CVE-2025-24592 entry concerns a WordPress plugin vulnerability: SysBasics Customize My Account for WooCommerce (affected versions up to 2.8.22). The issue is an improper neutralization of input during web page generation, resulting in a Reflected Cross-Site Scripting (XSS) vulnerability. Impa...

7.1CVSS5.9AI score0.00131EPSS

Exploits0References1

NVD•added 2024/11/09 1:15 p.m.•19 views

CVE-2024-10837

6.1CVSS0.02566EPSS

Exploits0References4

CVE•added 2024/11/09 12:30 p.m.•50 views

CVE-2024-10837

CVE-2024-10837 is a Reflected Cross‑Site Scripting vulnerability in the SysBasics Customize My Account for WooCommerce plugin for WordPress. It affects all versions up to 2.7.29 and is exploitable by unauthenticated attackers who lure a user into clicking a crafted link containing the vulnerable ...

6.1CVSS6AI score0.02566EPSS

Exploits0References4

Cvelist•added 2024/11/09 12:30 p.m.•16 views

CVE-2024-10837 SysBasics Customize My Account for WooCommerce <= 2.7.29 - Reflected Cross-Site Scripting via tab Parameter

6.1CVSS0.02566EPSS

Exploits0References4

Vulnrichment•added 2024/11/09 12:30 p.m.•9 views

CVE-2024-10837 SysBasics Customize My Account for WooCommerce <= 2.7.29 - Reflected Cross-Site Scripting via tab Parameter

6.1CVSS6.4AI score0.02566EPSS

Exploits0References4

Positive Technologies•added 2024/11/09 12:0 a.m.•3 views

PT-2024-16579 · WordPress · Sysbasics Customize My Account

Name of the Vulnerable Software and Affected Versions: SysBasics Customize My Account for WooCommerce plugin for WordPress versions prior to 2.7.29 Description: The vulnerability is a Reflected Cross-Site Scripting issue via the tab parameter, caused by insufficient input sanitization and output...

6.1CVSS6.9AI score0.02566EPSS

Exploits0References19

NVD•added 2024/10/17 1:15 p.m.•8 views

CVE-2024-48022

6.5CVSS0.00156EPSS

Exploits0References1

Vulnrichment•added 2024/10/17 12:28 p.m.•12 views

CVE-2024-48022 WordPress Shortcode For Elementor Templates plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.4AI score0.00156EPSS

Exploits0References1

CVE•added 2024/10/17 12:28 p.m.•37 views

CVE-2024-48022