Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-15 | CVE-2024-45458 | Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13. | 6.1 |
| 2024-09-15 | CVE-2024-45459 | Cross-site Scripting vulnerability in Pickplugins Product Slider for Woocommerce Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through 1.13.50. | 6.1 |
| 2024-09-15 | CVE-2024-45460 | Cross-site Scripting vulnerability in Info-D-74 Flipping Cards Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Manu225 Flipping Cards allows Stored XSS.This issue affects Flipping Cards: from n/a through 1.30. | 4.8 |
| 2024-09-15 | CVE-2024-8867 | Cross-site Scripting vulnerability in Perfexcrm Perfex CRM 3.1.6 A vulnerability was found in Perfex CRM 3.1.6. | 5.4 |
| 2024-09-15 | CVE-2024-8866 | Cross-site Scripting vulnerability in Autocms Project Autocms 5.4 A vulnerability was found in AutoCMS 5.4. | 6.1 |
| 2024-09-14 | CVE-2024-8863 | Cross-site Scripting vulnerability in Aimstack AIM A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. | 5.4 |
| 2024-09-14 | CVE-2023-3410 | Cross-site Scripting vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘customTag' attribute in versions up to, and including, 1.10.1 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-09-14 | CVE-2024-8797 | Cross-site Scripting vulnerability in Wpbookingsystem WP Booking System The WP Booking System – Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.19.8. | 6.1 |
| 2024-09-14 | CVE-2024-8724 | Cross-site Scripting vulnerability in Xootix Waitlist Woocommerce The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. | 6.1 |
| 2024-09-13 | CVE-2024-8783 | Cross-site Scripting vulnerability in Opentibiabr Myaac A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. | 5.4 |