Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-12 | CVE-2024-24928 | Cross-site Scripting vulnerability in Content Cards Project Content Cards Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7. | 5.4 |
| 2024-02-12 | CVE-2024-24930 | Cross-site Scripting vulnerability in Otwthemes Buttons Shortcode and Widget Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes.Com Buttons Shortcode and Widget allows Stored XSS.This issue affects Buttons Shortcode and Widget: from n/a through 1.16. | 5.4 |
| 2024-02-12 | CVE-2024-24931 | Cross-site Scripting vulnerability in Swadeshswain Before After Image Slider Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swadeshswain Before After Image Slider WP allows Stored XSS.This issue affects Before After Image Slider WP: from n/a through 2.2. | 5.4 |
| 2024-02-12 | CVE-2024-24932 | Cross-site Scripting vulnerability in Zixn VK Poster Group 2.0.3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3. | 6.1 |
| 2024-02-12 | CVE-2024-24933 | Cross-site Scripting vulnerability in Prasidhdamalla Honeypot for WP Comment 2.2.3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prasidhda Malla Honeypot for WP Comment allows Reflected XSS.This issue affects Honeypot for WP Comment: from n/a through 2.2.3. | 6.1 |
| 2024-02-11 | CVE-2024-23724 | Cross-site Scripting vulnerability in Ghost Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. | 9.0 |
| 2024-02-10 | CVE-2023-51404 | Cross-site Scripting vulnerability in Myagileprivacy MY Agile Privacy Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyAgilePrivacy My Agile Privacy – The only GDPR solution for WordPress that you can truly trust allows Stored XSS.This issue affects My Agile Privacy – The only GDPR solution for WordPress that you can truly trust: from n/a through 2.1.7. | 5.4 |
| 2024-02-10 | CVE-2023-51415 | Cross-site Scripting vulnerability in Givewp Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform allows Stored XSS.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 3.2.2. | 5.4 |
| 2024-02-10 | CVE-2023-51480 | Cross-site Scripting vulnerability in Pluginus Woot Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce. | 5.4 |
| 2024-02-10 | CVE-2023-51485 | Cross-site Scripting vulnerability in Wp-Hosting PAY With Vipps and Mobilepay for Woocommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13. | 5.4 |