VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-19
CVE-2024-12783
Cross-site Scripting vulnerability in Angeljudesuarez Vehicle Management System 1.0
A vulnerability was found in itsourcecode Vehicle Management System 1.0 and classified as problematic.
network
low complexity
angeljudesuarez
CWE-79
6.1
6.1
2024-12-19
CVE-2024-12626
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘a-0-o-search_field_value’ parameter in all versions up to, and including, 5.0.9 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
critical
9.6
9.6
2024-12-19
CVE-2021-20553
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2024-12-18
CVE-2024-25042
Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS).
network
low complexity
ibm
CWE-79
6.1
6.1
2024-12-18
CVE-2024-41752
Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection.
network
low complexity
ibm
CWE-79
6.1
6.1
2024-12-18
CVE-2024-11254
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the disqus_name parameter in all versions up to, and including, 1.1.1 due to insufficient input validation.
network
low complexity
CWE-79
6.1
6.1
2024-12-18
CVE-2024-12449
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_player_html' shortcode in all versions up to, and including, 2.6.30 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-18
CVE-2024-11439
The ScanCircle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'scancircle' shortcode in all versions up to, and including, 2.9.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-18
CVE-2024-11748
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-18
CVE-2024-11881
The Easy Waveform Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'easywaveformplayer' shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
«
Previous
1
2
...
29
30
31
(current)
32
33
...
1822
1823
»
Next