Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-31 | CVE-2024-22286 | Cross-site Scripting vulnerability in Aluka BA Plus 1.0.3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3. | 6.1 |
| 2024-01-31 | CVE-2024-22289 | Cross-site Scripting vulnerability in Cybernetikz Post Views Stats 1.3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS.This issue affects Post views Stats: from n/a through 1.3. | 6.1 |
| 2024-01-31 | CVE-2024-22292 | Cross-site Scripting vulnerability in Delower WP to DO Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.2.8. | 5.4 |
| 2024-01-31 | CVE-2024-22293 | Cross-site Scripting vulnerability in Dontdream BP Profile Search Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5. | 6.1 |
| 2024-01-31 | CVE-2024-22295 | Cross-site Scripting vulnerability in Robogallery Robo Gallery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery allows Stored XSS.This issue affects Photo Gallery, Images, Slider in Rbs Image Gallery: from n/a through 3.2.17. | 5.4 |
| 2024-01-31 | CVE-2024-22297 | Cross-site Scripting vulnerability in Codeboxr CBX MAP 1.1.11 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11. | 5.4 |
| 2024-01-31 | CVE-2024-0589 | Cross-site Scripting vulnerability in Devolutions Remote Desktop Manager Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry. | 5.4 |
| 2024-01-31 | CVE-2023-2439 | Cross-site Scripting vulnerability in Userproplugin Userpro The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro' shortcode in versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-01-31 | CVE-2024-22569 | Cross-site Scripting vulnerability in Poscms 4.6.2 Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0. | 5.4 |
| 2024-01-30 | CVE-2023-36259 | Cross-site Scripting vulnerability in Craftcms Craft CMS Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation. | 5.4 |