Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-08-29 CVE-2024-43958 Cross-site Scripting vulnerability in Gianniporto Intothedark
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5.
network
low complexity
gianniporto CWE-79
6.1
6.1
2024-08-29 CVE-2024-43960 Cross-site Scripting vulnerability in Pagebuilderaddons web and Woocommerce Addons for Wpbakery Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6.
network
low complexity
pagebuilderaddons CWE-79
4.8
4.8
2024-08-29 CVE-2024-43961 Cross-site Scripting vulnerability in Azurecurve Toggle Show/Hide
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Toggle Show/Hide: from n/a through 2.1.3.
network
low complexity
azurecurve CWE-79
5.4
5.4
2024-08-29 CVE-2024-43963 Cross-site Scripting vulnerability in Waspthemes Yellowpencil
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1.
network
low complexity
waspthemes CWE-79
6.1
6.1
2024-08-29 CVE-2024-43964 Cross-site Scripting vulnerability in Dsgvo-For-Wp Dsgvo ALL in ONE for WP
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a through 4.5.
network
low complexity
dsgvo-for-wp CWE-79
5.4
5.4
2024-08-29 CVE-2024-44716 Cross-site Scripting vulnerability in Dedebiz 6.3.0
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
network
low complexity
dedebiz CWE-79
6.1
6.1
2024-08-29 CVE-2024-44717 Cross-site Scripting vulnerability in Dedebiz 6.3.0
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
network
low complexity
dedebiz CWE-79
6.1
6.1
2024-08-29 CVE-2024-44777 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6
2024-08-29 CVE-2024-44778 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6
2024-08-29 CVE-2024-44779 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6