Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-27 | CVE-2024-29891 | Cross-site Scripting vulnerability in Zitadel ZITADEL users can upload their own avatar image and various image types are allowed. | 8.7 |
| 2024-03-27 | CVE-2024-28852 | Cross-site Scripting vulnerability in Ampache Ampache is a web based audio/video streaming application and file manager. | 6.1 |
| 2024-03-27 | CVE-2024-28853 | Cross-site Scripting vulnerability in Ampache Ampache is a web based audio/video streaming application and file manager. | 5.9 |
| 2024-03-27 | CVE-2024-2120 | Cross-site Scripting vulnerability in Elementor Website Builder The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Navigation widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-03-27 | CVE-2024-2139 | Cross-site Scripting vulnerability in Master-Addons Master Addons The Master Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pricing Table widget in all versions up to, and including, 2.0.5.6 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-03-25 | CVE-2024-29179 | Cross-site Scripting vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 4.8 |
| 2024-03-25 | CVE-2024-27300 | Cross-site Scripting vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 5.4 |
| 2024-03-25 | CVE-2024-28106 | Cross-site Scripting vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 5.4 |
| 2024-03-25 | CVE-2024-28108 | Cross-site Scripting vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 6.1 |
| 2024-03-23 | CVE-2024-1049 | Cross-site Scripting vulnerability in Godaddy Coblocks The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Widget's in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping on the link value. | 5.4 |