Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-05 | CVE-2024-45176 | Cross-site Scripting vulnerability in C-Mor 5.2401 An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. | 6.1 |
| 2024-09-05 | CVE-2024-8471 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8472 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8473 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2022-3556 | Cross-site Scripting vulnerability in Kanev CAB Fare Calculator 1.0.3/1.0.4 The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vehicle title setting in versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-09-05 | CVE-2024-6894 | Cross-site Scripting vulnerability in Rdstation RD Station The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. | 5.4 |
| 2024-09-05 | CVE-2024-6929 | Cross-site Scripting vulnerability in Ankitpokhrel Dynamic Featured Image The Dynamic Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘dfiFeatured’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-09-05 | CVE-2024-8363 | Cross-site Scripting vulnerability in Share-This-Image Share This Image The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-04 | CVE-2024-45429 | Cross-site Scripting vulnerability in Wpengine Advanced Custom Fields Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. | 6.1 |
| 2024-09-04 | CVE-2024-2166 | Cross-site Scripting vulnerability in Forcepoint Email Security Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003. | 6.1 |