Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-21 | CVE-2024-37556 | Cross-site Scripting vulnerability in Seedprod Wordpress Notification BAR Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10. | 4.8 |
| 2024-07-20 | CVE-2024-37922 | Cross-site Scripting vulnerability in Leap13 Premium Addons for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.34. | 5.4 |
| 2024-07-20 | CVE-2024-37944 | Cross-site Scripting vulnerability in Wptravelengine WP Travel Engine Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel Engine allows Stored XSS.This issue affects WP Travel Engine: from n/a through 5.9.1. | 5.4 |
| 2024-07-20 | CVE-2024-40347 | Cross-site Scripting vulnerability in Hyland Alfresco Content Services 7.2.0 A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid. | 6.1 |
| 2024-07-19 | CVE-2024-41599 | Cross-site Scripting vulnerability in Ruoyi Cross Site Scripting vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the file upload method | 6.1 |
| 2024-07-19 | CVE-2024-39457 | Cross-site Scripting vulnerability in Cybozu Garoon 6.0.0/6.0.1 Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. | 5.4 |
| 2024-07-18 | CVE-2024-39682 | Cross-site Scripting vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 5.4 |
| 2024-07-17 | CVE-2023-43971 | Cross-site Scripting vulnerability in Lizhipay Acg-Faka 1.1.7 Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php. | 6.1 |
| 2024-07-17 | CVE-2024-39124 | Cross-site Scripting vulnerability in Roundup-Tracker Roundup In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS. | 5.4 |
| 2024-07-17 | CVE-2024-39125 | Cross-site Scripting vulnerability in Roundup-Tracker Roundup Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header. | 5.4 |