VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-11
CVE-2024-9221
The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.21.10.
network
low complexity
CWE-79
6.1
6.1
2024-10-11
CVE-2024-9232
The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.1.
network
low complexity
CWE-79
6.1
6.1
2024-10-11
CVE-2024-9346
The Embed videos and respect privacy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'v' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
6.1
2024-10-11
CVE-2024-9436
The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.5.14.
network
low complexity
CWE-79
6.1
6.1
2024-10-11
CVE-2024-9543
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skipto' shortcode in all versions up to, and including, 11.9.18 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-10-11
CVE-2024-9610
The Language Switcher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.7.13.
network
low complexity
CWE-79
6.1
6.1
2024-10-11
CVE-2024-9616
The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.10.
network
low complexity
CWE-79
6.1
6.1
2024-10-10
CVE-2024-47872
Cross-site Scripting vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
low complexity
gradio-project
CWE-79
5.4
5.4
2024-10-10
CVE-2024-9810
Cross-site Scripting vulnerability in Jkev Record Management System 1.0
A vulnerability was found in SourceCodester Record Management System 1.0.
network
low complexity
jkev
CWE-79
6.1
6.1
2024-10-10
CVE-2024-9806
Cross-site Scripting vulnerability in Classroombookings 2.8.6
A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic.
network
low complexity
classroombookings
CWE-79
4.8
4.8
«
Previous
1
2
...
56
57
58
(current)
59
60
...
2118
2119
»
Next