Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-10-29 CVE-2024-49660 Cross-site Scripting vulnerability in Campusexplorer Widget
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Campus Explorer Campus Explorer Widget allows Reflected XSS.This issue affects Campus Explorer Widget: from n/a through 1.4.
network
low complexity
campusexplorer CWE-79
6.1
6.1
2024-10-29 CVE-2024-49661 Cross-site Scripting vulnerability in Leenk Leenk.Me
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lew Ayotte leenk.Me allows Reflected XSS.This issue affects leenk.Me: from n/a through 2.16.0.
network
low complexity
leenk CWE-79
6.1
6.1
2024-10-29 CVE-2024-49662 Cross-site Scripting vulnerability in Webgensis Simple Load More
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webgensis Simple Load More allows Reflected XSS.This issue affects Simple Load More: from n/a through 1.0.
network
low complexity
webgensis CWE-79
6.1
6.1
2024-10-29 CVE-2024-49663 Cross-site Scripting vulnerability in Elenazhyvohliad Ucat
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elena Zhyvohliad uCAT – Next Story allows Reflected XSS.This issue affects uCAT – Next Story: from n/a through 2.0.0.
network
low complexity
elenazhyvohliad CWE-79
6.1
6.1
2024-10-29 CVE-2024-49664 Cross-site Scripting vulnerability in Chatplusjp
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in allows Reflected XSS.This issue affects chatplusjp: from n/a through 1.02.
network
low complexity
chatplusjp CWE-79
6.1
6.1
2024-10-29 CVE-2024-49665 Cross-site Scripting vulnerability in Webbricks web Bricks Addons
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1.
network
low complexity
webbricks CWE-79
5.4
5.4
2024-10-29 CVE-2024-49667 Cross-site Scripting vulnerability in Nervythemes Local Business Addons for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NervyThemes Local Business Addons For Elementor allows Stored XSS.This issue affects Local Business Addons For Elementor: from n/a through 1.1.5.
network
low complexity
nervythemes CWE-79
5.4
5.4
2024-10-29 CVE-2024-10184 The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-10-29 CVE-2024-10185 The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-youtube-embed shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-10-29 CVE-2024-10266 The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4