Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-09 | CVE-2024-8605 | Cross-site Scripting vulnerability in Code-Projects Inventory Management 1.0 A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. | 5.4 |
| 2024-09-09 | CVE-2024-40643 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin is a free, open source note taking and to-do application. | 9.6 |
| 2024-09-09 | CVE-2024-5561 | Cross-site Scripting vulnerability in Code-Atlantic Popup Maker The Popup Maker WordPress plugin before 1.19.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 |
| 2024-09-09 | CVE-2024-6910 | Cross-site Scripting vulnerability in Myeventon Eventon The EventON WordPress plugin before 2.2.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 4.8 |
| 2024-09-09 | CVE-2024-7918 | Cross-site Scripting vulnerability in Ronvalstar Pocket Widget The Pocket Widget WordPress plugin through 0.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 4.8 |
| 2024-09-09 | CVE-2024-45625 | Cross-site Scripting vulnerability in Incsub Forminator Cross-site scripting vulnerability exists in Forminator versions prior to 1.34.1. | 6.1 |
| 2024-09-08 | CVE-2024-8582 | Cross-site Scripting vulnerability in Oretnom23 Food Ordering Management System 1.0 A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. | 6.1 |
| 2024-09-08 | CVE-2024-8583 | Cross-site Scripting vulnerability in Oretnom23 Online Bank Management System 1.0 A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. | 5.4 |
| 2024-09-08 | CVE-2024-8572 | Cross-site Scripting vulnerability in Gouniverse Golang CMS A vulnerability was found in Gouniverse GoLang CMS 1.4.0. | 6.1 |
| 2024-09-08 | CVE-2024-6859 | Cross-site Scripting vulnerability in Ngothang WP Multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 |