Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-11-09 CVE-2024-51605 Cross-site Scripting vulnerability in Genoo
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10.
network
low complexity
genoo CWE-79
5.4
5.4
2024-11-09 CVE-2024-51609 Cross-site Scripting vulnerability in Elsner Emoji Shortcode
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elsner Technologies Pvt.
network
low complexity
elsner CWE-79
5.4
5.4
2024-11-09 CVE-2024-51610 Cross-site Scripting vulnerability in Seothemes Display Terms Shortcode
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4.
network
low complexity
seothemes CWE-79
5.4
5.4
2024-11-09 CVE-2024-51662 Cross-site Scripting vulnerability in Modernaweb Black Widgets for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.6.
network
low complexity
modernaweb CWE-79
5.4
5.4
2024-11-09 CVE-2024-51663 Cross-site Scripting vulnerability in Bricksable for Bricks Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bricksable Bricksable for Bricks Builder allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through 1.6.59.
network
low complexity
bricksable CWE-79
4.8
4.8
2024-11-09 CVE-2024-51664 Cross-site Scripting vulnerability in Beds24 Online Booking
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.25.
network
low complexity
beds24 CWE-79
4.8
4.8
2024-11-09 CVE-2024-51668 Cross-site Scripting vulnerability in Target-Info Mycurator Content Curation
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mark Tilly MyCurator Content Curation allows Stored XSS.This issue affects MyCurator Content Curation: from n/a through 3.78.
network
low complexity
target-info CWE-79
4.8
4.8
2024-11-09 CVE-2024-10683 The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3.1.
network
low complexity
CWE-79
6.1
6.1
2024-11-09 CVE-2024-10876 The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.8.3.
network
low complexity
CWE-79
6.1
6.1
2024-11-09 CVE-2024-9226 The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.7.6.
network
low complexity
CWE-79
6.1
6.1