Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-19 | CVE-2024-10142 | Cross-site Scripting vulnerability in Code-Projects Blood Bank System 1.0 A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. | 5.4 |
| 2024-10-19 | CVE-2024-9897 | Cross-site Scripting vulnerability in Streamweasels Twitch Integration The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-twitch-embed shortcode in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-19 | CVE-2024-9219 | Cross-site Scripting vulnerability in Maxfoundry Social Share Buttons The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.19. | 6.1 |
| 2024-10-18 | CVE-2024-43300 | Cross-site Scripting vulnerability in Heimkino-Praxis Movie Database Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11. | 4.8 |
| 2024-10-18 | CVE-2024-9674 | Cross-site Scripting vulnerability in Tahoe Debrandify The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-10-18 | CVE-2024-10057 | Cross-site Scripting vulnerability in Fahadmahmood RSS Feed Widget The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-18 | CVE-2024-49224 | Cross-site Scripting vulnerability in Maheshpatel Mitm BUG Tracker Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mahesh Patel Mitm Bug Tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through 1.0. | 6.1 |
| 2024-10-18 | CVE-2024-49225 | Cross-site Scripting vulnerability in Swebdeveloper Wppricing Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Swebdeveloper wpPricing Builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through 1.5.0. | 5.4 |
| 2024-10-18 | CVE-2024-49228 | Cross-site Scripting vulnerability in Crossedcode Bverse Convert Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS.This issue affects bVerse Convert: from n/a through 1.3.7.1. | 5.4 |
| 2024-10-18 | CVE-2024-49230 | Cross-site Scripting vulnerability in Harpreetsingh Ajax Custom Css/Js Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Harpreet Singh Ajax Custom CSS/JS allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through 2.0.4. | 6.1 |