| 2024-12-12 | CVE-2024-12260 | The Ultimate Endpoints With Rest Api plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-12-12 | CVE-2024-12338 | The Website Toolbox Community plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘websitetoolbox_username’ parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-12-12 | CVE-2024-12461 | The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprevive_async' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |
| 2024-12-12 | CVE-2024-12503 | Cross-site Scripting vulnerability in Classcms 4.8
A vulnerability classified as problematic was found in ClassCMS 4.8. | 4.8 |
| 2024-12-12 | CVE-2024-12536 | Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0
A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 5.4 |
| 2024-12-11 | CVE-2024-12325 | The Waymark plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-12-11 | CVE-2024-12283 | The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-12-10 | CVE-2024-43712 | Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. | 5.4 |
| 2024-12-10 | CVE-2024-43713 | Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. | 5.4 |
| 2024-12-10 | CVE-2024-43714 | Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. | 5.4 |