Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-06 | CVE-2024-45400 | Cross-site Scripting vulnerability in Mlewand Open Link ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. | 6.1 |
| 2024-09-05 | CVE-2024-44728 | Cross-site Scripting vulnerability in Angeljudesuarez Event Management System 1.0 Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php. | 6.1 |
| 2024-09-05 | CVE-2024-45176 | Cross-site Scripting vulnerability in C-Mor 5.2401 An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. | 6.1 |
| 2024-09-05 | CVE-2024-8471 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8472 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8473 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2022-3556 | Cross-site Scripting vulnerability in Kanev CAB Fare Calculator 1.0.3/1.0.4 The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vehicle title setting in versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-09-05 | CVE-2024-6894 | Cross-site Scripting vulnerability in Rdstation RD Station The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. | 5.4 |
| 2024-09-05 | CVE-2024-6929 | Cross-site Scripting vulnerability in Ankitpokhrel Dynamic Featured Image The Dynamic Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘dfiFeatured’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-09-05 | CVE-2024-8363 | Cross-site Scripting vulnerability in Share-This-Image Share This Image The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |