Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-01 | CVE-2024-24945 | Cross-site Scripting vulnerability in Remyandrade Travel Journal Using PHP and Mysql With Source Code 1.0 A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php. | 6.1 |
| 2024-02-01 | CVE-2024-24059 | Cross-site Scripting vulnerability in Aitangbao Springboot-Manager 1.6 springboot-manager v1.6 is vulnerable to Arbitrary File Upload. | 5.4 |
| 2024-02-01 | CVE-2024-24060 | Cross-site Scripting vulnerability in Aitangbao Springboot-Manager 1.6 springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. | 5.4 |
| 2024-02-01 | CVE-2024-24061 | Cross-site Scripting vulnerability in Aitangbao Springboot-Manager 1.6 springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add. | 5.4 |
| 2024-02-01 | CVE-2024-24062 | Cross-site Scripting vulnerability in Aitangbao Springboot-Manager 1.6 springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role. | 5.4 |
| 2024-02-01 | CVE-2023-51506 | Cross-site Scripting vulnerability in Pluginus Wordpress Currency Switcher Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WPCS – WordPress Currency Switcher Professional allows Stored XSS.This issue affects WPCS – WordPress Currency Switcher Professional: from n/a through 1.2.0. | 5.4 |
| 2024-02-01 | CVE-2023-51666 | Cross-site Scripting vulnerability in Pickplugins Related Post Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Related Post allows Stored XSS.This issue affects Related Post: from n/a through 2.0.53. | 5.4 |
| 2024-02-01 | CVE-2023-51684 | Cross-site Scripting vulnerability in Awesomemotive Easy Digital Downloads Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Digital Downloads Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) allows Stored XSS.This issue affects Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy): from n/a through 3.2.5. | 5.4 |
| 2024-02-01 | CVE-2023-52191 | Cross-site Scripting vulnerability in Torbjon Infogram 1.6.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Torbjon Infogram – Add charts, maps and infographics allows Stored XSS.This issue affects Infogram – Add charts, maps and infographics: from n/a through 1.6.1. | 5.4 |
| 2024-02-01 | CVE-2023-7069 | Cross-site Scripting vulnerability in Tinywebgallery Advanced Iframe The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2023.10 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |