Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2024-11400 | Cross-site Scripting vulnerability in Pluginus Woocommerce products Filter The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the really_curr_tax parameter in all versions up to, and including, 1.3.6.3 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-11-19 | CVE-2024-30424 | Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Stored XSS.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.4. | 5.4 |
| 2024-11-19 | CVE-2024-52595 | Cross-site Scripting vulnerability in Fedoralovespython Lxml Html Clean lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. | 6.1 |
| 2024-11-19 | CVE-2024-52762 | Cross-site Scripting vulnerability in Ganglia Ganglia-Web 3.7.3/3.7.4/3.7.5 A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter. | 5.4 |
| 2024-11-19 | CVE-2024-52763 | Cross-site Scripting vulnerability in Ganglia Ganglia-Web 3.7.3/3.7.4/3.7.5 A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter. | 5.4 |
| 2024-11-19 | CVE-2024-50430 | Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.3.7. | 4.8 |
| 2024-11-19 | CVE-2024-50514 | Cross-site Scripting vulnerability in Ninjaforms Ninja Forms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16. | 4.8 |
| 2024-11-19 | CVE-2024-50515 | Cross-site Scripting vulnerability in Ninjaforms Ninja Forms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16. | 4.8 |
| 2024-11-19 | CVE-2024-11198 | The GD Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘extra_class’ parameter in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. | 6.4 |
| 2024-11-19 | CVE-2024-11224 | The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. | 6.4 |