Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-24838 Cross-site Scripting vulnerability in Fivestarplugins Five Star Restaurant Menu
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Reviews allows Stored XSS.This issue affects Five Star Restaurant Reviews: from n/a through 2.3.5.
network
low complexity
fivestarplugins CWE-79
5.4
5.4
2024-02-05 CVE-2024-24839 Cross-site Scripting vulnerability in Wpsc-Plugin Structured Content
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.6.1.
network
low complexity
wpsc-plugin CWE-79
5.4
5.4
2024-02-05 CVE-2024-24841 Cross-site Scripting vulnerability in Dev.Dans-Art ADD Customer for Woocommerce
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan's Art Add Customer for WooCommerce allows Stored XSS.This issue affects Add Customer for WooCommerce: from n/a through 1.7.
network
low complexity
dev-dans-art CWE-79
4.8
4.8
2024-02-05 CVE-2024-24846 Cross-site Scripting vulnerability in Mightythemes Mighty Addons 1.9.3
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a through 1.9.3.
network
low complexity
mightythemes CWE-79
6.1
6.1
2024-02-05 CVE-2024-24847 Cross-site Scripting vulnerability in Jgadbois Calculatorpro Calculators 1.1.7
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgadbois CalculatorPro Calculators allows Reflected XSS.This issue affects CalculatorPro Calculators: from n/a through 1.1.7.
network
low complexity
jgadbois CWE-79
6.1
6.1
2024-02-05 CVE-2024-24848 Cross-site Scripting vulnerability in Mjssoftware Sign UPS 1.0.4
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MJS Software PT Sign Ups – Beautiful volunteer sign ups and management made easy allows Stored XSS.This issue affects PT Sign Ups – Beautiful volunteer sign ups and management made easy: from n/a through 1.0.4.
network
low complexity
mjssoftware CWE-79
6.1
6.1
2024-02-05 CVE-2024-24865 Cross-site Scripting vulnerability in Noahkagan Scroll Triggered BOX 2.3
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n/a through 2.3.
network
low complexity
noahkagan CWE-79
5.4
5.4
2024-02-03 CVE-2023-49950 Cross-site Scripting vulnerability in Logpoint Siem 6.10.0
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view.
network
low complexity
logpoint CWE-79
5.4
5.4
2024-02-03 CVE-2023-37528 Cross-site Scripting vulnerability in Hcltech Bigfix Platform
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report.
network
low complexity
hcltech CWE-79
6.1
6.1
2024-02-03 CVE-2024-0895 Cross-site Scripting vulnerability in Dearhive PDF Flipbook, 3D Flipbook
The PDF Flipbook, 3D Flipbook – DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to, and including, 2.2.26 due to insufficient input sanitization and output escaping on user supplied data.
network
low complexity
dearhive CWE-79
5.4
5.4