Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-6752 | Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_name’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-07-24 | CVE-2024-6753 | Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-07-23 | CVE-2024-41665 | Cross-site Scripting vulnerability in Ampache Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. | 5.4 |
| 2024-07-22 | CVE-2024-24507 | Cross-site Scripting vulnerability in Act-On 2023 Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component. | 6.1 |
| 2024-07-22 | CVE-2024-32484 | Cross-site Scripting vulnerability in Ankitects Anki 24.04 An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. | 8.2 |
| 2024-07-22 | CVE-2024-41825 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab | 5.4 |
| 2024-07-22 | CVE-2024-41826 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page | 4.8 |
| 2024-07-22 | CVE-2024-37097 | Cross-site Scripting vulnerability in Unitedthemes Shortcodes Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5. | 6.1 |
| 2024-07-22 | CVE-2024-37206 | Cross-site Scripting vulnerability in Theme4Press Demo Awesome 1.0.0/1.0.1 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme4Press Demo Awesome allows Reflected XSS.This issue affects Demo Awesome: from n/a through 1.0.1. | 6.1 |
| 2024-07-22 | CVE-2024-37239 | Cross-site Scripting vulnerability in Wpmudev Branda Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMU DEV Branda allows Stored XSS.This issue affects Branda: from n/a through 3.4.17. | 4.8 |