Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-09-13 CVE-2019-13923 Cross-site Scripting vulnerability in Siemens Ie/Wsn-Pa Link Wirelesshart Gateway Firmware
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions).
network
siemens CWE-79
4.3
4.3
2019-09-13 CVE-2019-16289 Cross-site Scripting vulnerability in Webcraftic Woody AD Snippets
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.
network
webcraftic CWE-79
3.5
3.5
2019-09-13 CVE-2019-13364 Cross-site Scripting vulnerability in Piwigo 2.9.5
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter.
network
low complexity
piwigo CWE-79
critical
 9.6
9.6
2019-09-13 CVE-2019-13363 Cross-site Scripting vulnerability in Piwigo 2.9.5
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter.
network
low complexity
piwigo CWE-79
critical
 9.6
9.6
2019-09-13 CVE-2019-12517 Cross-site Scripting vulnerability in Slickquiz Project Slickquiz 1.3.7.1
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. 		4.3
4.3
2019-09-13 CVE-2016-10953 Cross-site Scripting vulnerability in Headwaythemes Headway
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
network
low complexity
headwaythemes CWE-79
5.4
5.4
2019-09-13 CVE-2016-10952 Cross-site Scripting vulnerability in Quotes Collection Project Quotes Collection
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter. 		4.3
4.3
2019-09-13 CVE-2017-18615 Cross-site Scripting vulnerability in Wp-Kama Kama Click Counter
The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
network
wp-kama CWE-79
4.3
4.3
2019-09-13 CVE-2017-18613 Cross-site Scripting vulnerability in Trust Form Project Trust Form 2.0
The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter. 		4.3
4.3
2019-09-13 CVE-2017-18612 Cross-site Scripting vulnerability in Netattingo Wp-Whois-Domain 1.0.0
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.
network
netattingo CWE-79
4.3
4.3