Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-09	CVE-2024-45406	Cross-site Scripting vulnerability in Craftcms Craft CMS Craft is a content management system (CMS). network low complexity craftcms CWE-79	4.8
2024-09-09	CVE-2024-8604	Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0 A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. network low complexity online-food-ordering-system-project CWE-79	6.1
2024-09-09	CVE-2024-8605	Cross-site Scripting vulnerability in Code-Projects Inventory Management 1.0 A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. network low complexity code-projects CWE-79	5.4
2024-09-09	CVE-2024-40643	Cross-site Scripting vulnerability in Joplin Project Joplin Joplin is a free, open source note taking and to-do application. network low complexity joplin-project CWE-79 critical	9.6
2024-09-09	CVE-2024-5561	Cross-site Scripting vulnerability in Code-Atlantic Popup Maker The Popup Maker WordPress plugin before 1.19.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) network low complexity code-atlantic CWE-79	4.8
2024-09-09	CVE-2024-6910	Cross-site Scripting vulnerability in Myeventon Eventon The EventON WordPress plugin before 2.2.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. network low complexity myeventon CWE-79	4.8
2024-09-09	CVE-2024-7918	Cross-site Scripting vulnerability in Ronvalstar Pocket Widget The Pocket Widget WordPress plugin through 0.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). network low complexity ronvalstar CWE-79	4.8
2024-09-09	CVE-2024-45625	Cross-site Scripting vulnerability in Incsub Forminator Cross-site scripting vulnerability exists in Forminator versions prior to 1.34.1. network low complexity incsub CWE-79	6.1
2024-09-08	CVE-2024-8582	Cross-site Scripting vulnerability in Oretnom23 Food Ordering Management System 1.0 A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. network low complexity oretnom23 CWE-79	6.1
2024-09-08	CVE-2024-8583	Cross-site Scripting vulnerability in Oretnom23 Online Bank Management System 1.0 A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. network low complexity oretnom23 CWE-79	5.4