Lucene search
K

4 matches found

EUVD
EUVD
added 2025/11/11 6:30 a.m.8 views

EUVD-2025-60950

The YSlider plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored Cross-Site Scripting in all versions up to, and including, 1.1. This is due to missing nonce verification on the content configuration page and insufficient input sanitization and output escaping. This makes it...

6.1CVSS4.5AI score0.00142EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/10/14 9:30 p.m.8 views

Magento vulnerable to stored Cross-Site Scripting (XSS)

Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be...

4.8CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2025/06/10 11:15 p.m.4 views

CVE-2025-47041

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.7AI score0.00305EPSS
Exploits0References1
Veracode
Veracode
added 2021/04/12 7:26 a.m.17 views

Cross-site Scripting (XSS)

intelliants/subrion is vulnerable to cross-site scripting XSS. An attacker can inject xss payload on the “payment gateway” column and save the entry to get it executed when a user visits the page...

6.1CVSS2.3AI score0.01009EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder