Export limit exceeded: 24693 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44417 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44417 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-50051 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chad Butler WP-Members allows Stored XSS.This issue affects WP-Members: from n/a through 3.5.4. | ||||
| CVE-2025-50018 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tealium Tealium allows Stored XSS. This issue affects Tealium: from n/a through 2.1.17. | ||||
| CVE-2025-50038 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anantaddons Anant Addons for Elementor allows Stored XSS. This issue affects Anant Addons for Elementor: from n/a through 1.2.0. | ||||
| CVE-2025-50023 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embed Block allows Stored XSS. This issue affects CodePen Embed Block: from n/a through 1.1.1. | ||||
| CVE-2025-52733 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anonform Ab ANON::form embedded secure form allows DOM-Based XSS. This issue affects ANON::form embedded secure form: from n/a through 1.7. | ||||
| CVE-2025-52710 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ninja Team File Manager Pro allows Stored XSS. This issue affects File Manager Pro: from n/a through 1.8.8. | ||||
| CVE-2025-49873 | 2025-06-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Elessi allows Reflected XSS. This issue affects Elessi: from n/a through 6.3.9. | ||||
| CVE-2025-52782 | 2025-06-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in King Rayhan Scroll UP allows Reflected XSS. This issue affects Scroll UP: from n/a through 2.0. | ||||
| CVE-2025-50014 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan PDPA Consent for Thailand allows Stored XSS. This issue affects PDPA Consent for Thailand: from n/a through 1.1.1. | ||||
| CVE-2025-50016 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login allows Stored XSS. This issue affects IP Based Login: from n/a through 2.4.2. | ||||
| CVE-2025-50017 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt WP Voting Contest allows Stored XSS. This issue affects WP Voting Contest: from n/a through 5.8. | ||||
| CVE-2025-50041 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Engine Gutenberg Blocks – ACF Blocks Suite allows Stored XSS. This issue affects Gutenberg Blocks – ACF Blocks Suite: from n/a through 2.6.11. | ||||
| CVE-2025-50042 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com WP Register Profile With Shortcode allows Stored XSS. This issue affects WP Register Profile With Shortcode: from n/a through 3.6.1. | ||||
| CVE-2025-50050 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress allows Stored XSS. This issue affects Jobs for WordPress: from n/a through 2.7.12. | ||||
| CVE-2025-50015 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rodrigo Bastos Hand Talk allows Stored XSS. This issue affects Hand Talk: from n/a through 6.0. | ||||
| CVE-2025-6257 | 2025-06-23 | 6.4 Medium | ||
| The Euro FxRef Currency Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's currency shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-52707 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FirelightWP Firelight Lightbox allows Stored XSS. This issue affects Firelight Lightbox: from n/a through 2.3.16. | ||||
| CVE-2025-50035 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 3.0. | ||||
| CVE-2025-50037 | 2025-06-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Buying Buddy Buying Buddy IDX CRM allows DOM-Based XSS. This issue affects Buying Buddy IDX CRM: from n/a through 2.3.0. | ||||
| CVE-2025-50020 | 2025-06-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nitin Yawalkar RDFa Breadcrumb allows Stored XSS. This issue affects RDFa Breadcrumb: from n/a through 2.3. | ||||