Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-27 | CVE-2024-25412 | Cross-site Scripting vulnerability in Flatpress A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. | 6.1 |
| 2024-09-27 | CVE-2024-38308 | Cross-site Scripting vulnerability in Advantech Adam 5550-Firmware Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. | 6.1 |
| 2024-09-27 | CVE-2024-40510 | Cross-site Scripting vulnerability in Openpetra 2023.02 Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function. | 8.2 |
| 2024-09-27 | CVE-2024-47184 | Cross-site Scripting vulnerability in Ampache Ampache is a web based audio/video streaming application and file manager. | 4.8 |
| 2024-09-27 | CVE-2024-8608 | Cross-site Scripting vulnerability in Oceanicsoft Valeapp Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0. | 5.4 |
| 2024-09-27 | CVE-2024-9279 | Cross-site Scripting vulnerability in Funnyzpc Mee-Admin A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6. | 4.8 |
| 2024-09-27 | CVE-2024-6931 | Cross-site Scripting vulnerability in Stellarwp the Events Calendar The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-09-27 | CVE-2024-8681 | Cross-site Scripting vulnerability in Leap13 Premium Addons for Elementor The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-27 | CVE-2024-8991 | Cross-site Scripting vulnerability in Hyumika Openstreetmap The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-27 | CVE-2024-9049 | Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |