Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-30 | CVE-2019-15829 | Cross-site Scripting vulnerability in Greentreelabs Gallery Photoblocks The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. | 3.5 |
| 2019-08-30 | CVE-2019-15827 | Cross-site Scripting vulnerability in Onesignal Onesignal-Free-Web-Push-Notifications 1.17.5 The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. | 3.5 |
| 2019-08-30 | CVE-2019-15817 | Cross-site Scripting vulnerability in Realestateconnected Easy Property Listings The easy-property-listings plugin before 3.4 for WordPress has XSS. | 4.3 |
| 2019-08-30 | CVE-2019-15816 | Cross-site Scripting vulnerability in Wpexpertdeveloper WP Private Content Plus The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | 5.0 |
| 2019-08-30 | CVE-2019-12754 | Cross-site Scripting vulnerability in Symantec VIP Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users or potentially bypass access controls such as the same-origin policy. | 3.5 |
| 2019-08-30 | CVE-2018-18370 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. | 4.3 |
| 2019-08-30 | CVE-2018-15512 | Cross-site Scripting vulnerability in Totemo Totemomail 6.0.0 Cross-site scripting (XSS) vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2019-08-30 | CVE-2018-15511 | Cross-site Scripting vulnerability in Totemo Totemomail 6.0.0 Cross-site scripting (XSS) vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2019-08-30 | CVE-2018-15510 | Cross-site Scripting vulnerability in Totemo Totemomail 6.0.0 Cross-site scripting (XSS) vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |