Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-49231 Cross-site Scripting vulnerability in Petercyclop Wordpress Video
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Peter CyClop WordPress Video allows Stored XSS.This issue affects WordPress Video: from n/a through 1.0.
network
low complexity
petercyclop CWE-79
5.4
2024-10-18 CVE-2024-49232 Cross-site Scripting vulnerability in Javierloureiro EL Mejor Cluster
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Javier Loureiro El mejor Cluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through 1.1.14.
network
low complexity
javierloureiro CWE-79
5.4
2024-10-18 CVE-2024-49233 Cross-site Scripting vulnerability in Madrasthemes MAS Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through 1.1.6.
network
low complexity
madrasthemes CWE-79
5.4
2024-10-18 CVE-2024-49234 Cross-site Scripting vulnerability in Themeworm Plexx Elementor Extension
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension allows Stored XSS.This issue affects Plexx Elementor Extension: from n/a through 1.3.4.
network
low complexity
themeworm CWE-79
5.4
2024-10-18 CVE-2024-49236 Cross-site Scripting vulnerability in Hafizuddinahmed Crazy Call to Action BOX
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box allows Stored XSS.This issue affects Crazy Call To Action Box: from n/a through 1.0.5.
network
low complexity
hafizuddinahmed CWE-79
5.4
2024-10-18 CVE-2024-49238 Cross-site Scripting vulnerability in Dh9Sb.Dx-Info Adif LOG Search Widget
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in M.
network
low complexity
dh9sb-dx-info CWE-79
6.1
2024-10-18 CVE-2024-49239 Cross-site Scripting vulnerability in Nikhilvaghela ADD Categories Post Footer
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2.
network
low complexity
nikhilvaghela CWE-79
6.1
2024-10-18 CVE-2024-49240 Cross-site Scripting vulnerability in Agustinberasategui AB Categories Search Widget
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.
network
low complexity
agustinberasategui CWE-79
6.1
2024-10-18 CVE-2024-49241 Cross-site Scripting vulnerability in Tadywalsh Tito
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3.
network
low complexity
tadywalsh CWE-79
5.4
2024-10-18 CVE-2024-9425 Cross-site Scripting vulnerability in Sajjadhsagor Advanced Category and Custom Taxonomy Image
The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
sajjadhsagor CWE-79
5.4