Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-11-11 CVE-2024-52354 Cross-site Scripting vulnerability in Coolplugins web Stories Widgets for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cool Plugins Web Stories Widgets For Elementor allows Stored XSS.This issue affects Web Stories Widgets For Elementor: from n/a through 1.1.
network
low complexity
coolplugins CWE-79
5.4
5.4
2024-11-11 CVE-2024-52355 Cross-site Scripting vulnerability in Hyumika Openstreetmap
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hyumika OSM – OpenStreetMap allows Stored XSS.This issue affects OSM – OpenStreetMap: from n/a through 6.1.2.
network
low complexity
hyumika CWE-79
5.4
5.4
2024-11-11 CVE-2024-52356 Cross-site Scripting vulnerability in Webangon the Pack Elementor Addons
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0.
network
low complexity
webangon CWE-79
5.4
5.4
2024-11-11 CVE-2024-52357 Cross-site Scripting vulnerability in LQD Liquid Blocks
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LIQUID DESIGN Ltd.
network
low complexity
lqd CWE-79
5.4
5.4
2024-11-11 CVE-2024-52358 Cross-site Scripting vulnerability in Cyberchimps Responsive Addons for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4.
network
low complexity
cyberchimps CWE-79
5.4
5.4
2024-11-10 CVE-2024-10265 Cross-site Scripting vulnerability in 10Web Form Maker
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.15.30.
network
low complexity
10web CWE-79
6.1
6.1
2024-11-10 CVE-2024-51576 Cross-site Scripting vulnerability in Wpza AMP IMG Shortcode
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZA AMP Img Shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a through 1.0.1.
network
low complexity
wpza CWE-79
5.4
5.4
2024-11-10 CVE-2024-51577 Cross-site Scripting vulnerability in Camunda Bpmn.Io 1.0
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS.This issue affects bpmn.Io: from n/a through 1.0.
network
low complexity
camunda CWE-79
5.4
5.4
2024-11-10 CVE-2024-51578 Cross-site Scripting vulnerability in Lucapaggetti 3D Presentation 1.0
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Luca Paggetti 3D Presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through 1.0.
network
low complexity
lucapaggetti CWE-79
5.4
5.4
2024-11-10 CVE-2024-51580 Cross-site Scripting vulnerability in Cleversoft Clever Addons for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.1.
network
low complexity
cleversoft CWE-79
5.4
5.4