Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-24	CVE-2024-46994	Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. network low complexity basercms CWE-79	5.4
2024-10-24	CVE-2024-46995	Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. network low complexity basercms CWE-79	6.1
2024-10-24	CVE-2024-46996	Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. network low complexity basercms CWE-79	5.4
2024-10-24	CVE-2024-46998	Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. network low complexity basercms CWE-79	5.4
2024-10-24	CVE-2024-10180	The Contact Form 7 – Repeatable Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's field_group shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity CWE-79	6.4
2024-10-24	CVE-2024-49693	Cross-site Scripting vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6. network low complexity kraftplugins CWE-79	5.4
2024-10-24	CVE-2024-49695	Cross-site Scripting vulnerability in Spiffyplugins WP Flow Plus Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.3. network low complexity spiffyplugins CWE-79	5.4
2024-10-24	CVE-2024-49696	Cross-site Scripting vulnerability in Robosoft Robo Gallery Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RoboSoft Robo Gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through 3.2.21. network low complexity robosoft CWE-79	4.8
2024-10-24	CVE-2024-49702	Cross-site Scripting vulnerability in Mycred Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCRED myCred Elementor allows Stored XSS.This issue affects myCred Elementor: from n/a through 1.2.6. network low complexity mycred CWE-79	5.4
2024-10-24	CVE-2024-10176	The Compact WP Audio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sc_embed_player shortcode in all versions up to, and including, 1.9.13 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity CWE-79	6.4