Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-10793 | Cross-site Scripting vulnerability in Melapress WP Activity LOG The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-11-15 | CVE-2024-39610 | Cross-site Scripting vulnerability in Cleancoder Fitnesse Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. | 6.1 |
| 2024-11-15 | CVE-2024-9356 | Cross-site Scripting vulnerability in Yotpo The Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'yotpo_user_email' and 'yotpo_user_name' parameters in all versions up to, and including, 1.7.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-11-15 | CVE-2024-9609 | Cross-site Scripting vulnerability in Thimpress Learnpress Export Import The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'learnpress_import_form_server' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-11-14 | CVE-2024-48284 | Cross-site Scripting vulnerability in PHPgurukul User Registration & Login and User Management System 3.2 A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. | 4.8 |
| 2024-11-14 | CVE-2024-50836 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. | 4.8 |
| 2024-11-14 | CVE-2024-45099 | Cross-site Scripting vulnerability in IBM Security Qradar EDR IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. | 4.8 |
| 2024-11-13 | CVE-2024-11175 | Cross-site Scripting vulnerability in Publiccms 5.202406.D A vulnerability was found in Public CMS 5.202406.d and classified as problematic. | 4.8 |
| 2024-11-13 | CVE-2024-50969 | Cross-site Scripting vulnerability in Anisha Jonnys Liquor 1.0 A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter. | 6.1 |
| 2024-11-13 | CVE-2024-52300 | Cross-site Scripting vulnerability in Xwiki PDF Viewer Macro macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. | 9.0 |