Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-10 | CVE-2023-51488 | Cross-site Scripting vulnerability in Automattic Crowdsignal Dashboard Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. | 6.1 |
| 2024-02-10 | CVE-2023-51492 | Cross-site Scripting vulnerability in If-So Dynamic Content Personalization Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1. | 5.4 |
| 2024-02-10 | CVE-2023-51493 | Cross-site Scripting vulnerability in Howardehrenberg Custom Post Carousels With OWL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6. | 5.4 |
| 2024-02-10 | CVE-2024-23514 | Cross-site Scripting vulnerability in Clicktotweet Click to Tweet Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ClickToTweet.Com Click To Tweet allows Stored XSS.This issue affects Click To Tweet: from n/a through 2.0.14. | 5.4 |
| 2024-02-10 | CVE-2024-23516 | Cross-site Scripting vulnerability in Calculatorsworld CC BMI Calculator 0.1.0/1.0.0/2.0.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calculators World CC BMI Calculator allows Stored XSS.This issue affects CC BMI Calculator: from n/a through 2.0.1. | 5.4 |
| 2024-02-10 | CVE-2024-23517 | Cross-site Scripting vulnerability in Startbooking Scheduling Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Start Booking Scheduling Plugin – Online Booking for WordPress allows Stored XSS.This issue affects Scheduling Plugin – Online Booking for WordPress: from n/a through 3.5.10. | 5.4 |
| 2024-02-10 | CVE-2024-24803 | Cross-site Scripting vulnerability in Wpoperation Ultra Companion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPoperation Ultra Companion – Companion plugin for WPoperation Themes allows Stored XSS.This issue affects Ultra Companion – Companion plugin for WPoperation Themes: from n/a through 1.1.9. | 5.4 |
| 2024-02-09 | CVE-2024-25109 | Cross-site Scripting vulnerability in Miraheze Managewiki 20210428 ManageWiki is a MediaWiki extension allowing users to manage wikis. | 5.4 |
| 2024-02-09 | CVE-2024-1245 | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. | 4.8 |
| 2024-02-09 | CVE-2024-1246 | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. | 4.8 |