Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-29184 | Cross-site Scripting vulnerability in Freescout FreeScout is a self-hosted help desk and shared mailbox. | 8.0 |
| 2024-03-22 | CVE-2024-2392 | Cross-site Scripting vulnerability in Creativethemes Blocksy Companion The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Newsletter widget in all versions up to, and including, 2.0.31 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-03-21 | CVE-2024-1278 | Cross-site Scripting vulnerability in Easysocialfeed Easy Social Feed The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'efb_likebox' shortcode in all versions up to, and including, 6.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-03-21 | CVE-2024-1326 | Cross-site Scripting vulnerability in Jegtheme JEG Elementor KIT The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tag attributes in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-03-20 | CVE-2024-29471 | Cross-site Scripting vulnerability in Zhyd Oneblog 2.3.4 OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module. | 5.4 |
| 2024-03-20 | CVE-2024-29472 | Cross-site Scripting vulnerability in Zhyd Oneblog 2.3.4 OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module. | 5.4 |
| 2024-03-20 | CVE-2024-23642 | Cross-site Scripting vulnerability in Geoserver GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | 4.8 |
| 2024-03-20 | CVE-2024-23643 | Cross-site Scripting vulnerability in Geoserver GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | 4.8 |
| 2024-03-20 | CVE-2024-23818 | Cross-site Scripting vulnerability in Geoserver GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | 4.8 |
| 2024-03-20 | CVE-2024-23819 | Cross-site Scripting vulnerability in Geoserver GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | 4.8 |