Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-49642 | Cross-site Scripting vulnerability in Rafasashi Todo Custom Field Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rafasashi Todo Custom Field allows Reflected XSS.This issue affects Todo Custom Field: from n/a through 3.0.4. | 6.1 |
| 2024-10-29 | CVE-2024-50411 | Cross-site Scripting vulnerability in Kevonadonis WP Abstracts Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a through 2.7.1. | 4.8 |
| 2024-10-29 | CVE-2024-10000 | The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the question's content parameter in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. | 6.4 |
| 2024-10-28 | CVE-2024-50438 | Cross-site Scripting vulnerability in Themoyles Church Admin Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a before 5.0.0. | 6.1 |
| 2024-10-28 | CVE-2024-50439 | Cross-site Scripting vulnerability in Brainstormforce Astra Widgets Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.14. | 5.4 |
| 2024-10-28 | CVE-2024-50440 | Cross-site Scripting vulnerability in Codepen Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2. | 5.4 |
| 2024-10-28 | CVE-2024-50441 | Cross-site Scripting vulnerability in Cozythemes Cozy Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15. | 5.4 |
| 2024-10-28 | CVE-2024-50445 | Cross-site Scripting vulnerability in Merkulove Selection Lite Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a through 1.13. | 5.4 |
| 2024-10-28 | CVE-2024-50446 | Cross-site Scripting vulnerability in Futuriowp Futurio Extra Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.11. | 5.4 |
| 2024-10-28 | CVE-2024-50447 | Cross-site Scripting vulnerability in Envothemes Envo'S Elementor Templates & Widgets for Woocommerce Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through 1.4.19. | 5.4 |