High
CVE-2025-32511
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Excellent Dynamics Make Email Customizer for WooCommerce make-email-customizer-for-woocommerce al…
Tag: Reflected XSS
All CVEs associated with "Reflected XSS". Page 7/23 • 2754 CVEs.
Subscribe CVEs: RSS for “Reflected XSS” · RSS (High+Critical only)
About “Reflected XSS”
A curated feed of “Reflected XSS”-related CVEs appears below. We currently track 2754 CVEs for this tag (all time). In the last 365 days, 598 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 66% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-04-17
High
CVE-2025-32508
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ComMotion Course Booking System course-booking-system allows Reflected XSS.This issue affects Cou…
High
CVE-2025-32507
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Event Espresso – Custom Email Template Shortcode email-shortcode allows Reflected…
High
CVE-2025-32506
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BenDlz AT Internet SmartTag at-internet allows Reflected XSS.This issue affects AT Internet Smart…
High
CVE-2025-32504
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silvasoft Silvasoft boekhouden silvasoft-boekhouden allows Reflected XSS.This issue affects Silva…
High
CVE-2025-31018
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FireDrum FireDrum Email Marketing firedrum-email-marketing allows Reflected XSS.This issue affect…
High
CVE-2025-31006
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arete-it Activity Reactions For Buddypress activity-reactions-for-buddypress allows Reflected XSS…
High
CVE-2025-27354
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phil88530 Simple Email Subscriber simple-email-subscriber allows Reflected XSS.This issue affects…
High
CVE-2025-27346
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gerrygooner Rebuild Permalinks rebuild-permalinks allows Reflected XSS.This issue affects Rebuild…
High
CVE-2025-27345
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Reflected XSS.This issue affects Booking Ult…
High
CVE-2025-27343
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop WooCommerce HTML5 Video woocommerce-html5-video allows Reflected XSS.This issue affects W…
High
CVE-2025-27338
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in graphems List Urls list-urls allows Reflected XSS.This issue affects List Urls: from n/a through…
High
CVE-2025-27337
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a thro…
High
CVE-2025-27333
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alvego Protected wp-login protected-wp-login allows Reflected XSS.This issue affects Protected wp…
High
CVE-2025-27324
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce 17track allows Reflected XSS.This issue affects 17TRACK for WooCo…
High
CVE-2025-27322
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bappa Mal QR Code for WooCommerce wc-qr-codes allows Reflected XSS.This issue affects QR Code for…
High
CVE-2025-27319
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List user-list allows Reflected XSS.This issue affects User List: from n/a through <=…
High
CVE-2025-27313
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bernd Altmeier Google Maps GPX Viewer google-maps-gpx-viewer allows Reflected XSS.This issue affe…
High
CVE-2025-27308
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmstactics WP Video Posts wp-video-posts allows Reflected XSS.This issue affects WP Video Posts:…
High
CVE-2025-27293
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webparexapp Shipmozo Courier Tracking webparex allows Reflected XSS.This issue affects Shipmozo C…
High
CVE-2025-27292
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PoppinsDigital.com WPYog Documents wpyog-documents allows Reflected XSS.This issue affects WPYog…
High
CVE-2025-27291
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxgallery WordPress Photo Gallery – Image Gallery photo-image-gallery allows Reflected XSS.This i…
High
CVE-2025-27289
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antoine Guillien Restrict Taxonomies restrict-taxonomies allows Reflected XSS.This issue affects…
High
CVE-2025-27288
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through…
High
CVE-2025-27285
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Easy Form easy-form allows Reflected XSS.This issue affects Easy Form: from n/a through <…
High
CVE-2025-27284
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in divspark Flagged Content flagged-content allows Reflected XSS.This issue affects Flagged Content:…
High
CVE-2025-24752
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected X…
High
CVE-2025-24745
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing classified-listing allows Reflected XSS.This issue affects Classif…
High
CVE-2025-24670
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhanendran Rajagopal Term Taxonomy Converter term-taxonomy-converter allows Reflected XSS.This is…
High
CVE-2025-24655
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This issue affects Wishlist: from n/a through…
High
CVE-2025-24645
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Scott Eazy Under Construction eazy-under-construction allows Reflected XSS.This issue affects…
High
CVE-2025-24640
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan-Lucian Stefancu Empty Tags Remover empty-tags-remover allows Reflected XSS.This issue affects…
High
CVE-2025-24637
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Reflected XSS.This issue affect…
High
CVE-2025-24624
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through <=…
High
CVE-2025-24621
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Reflected XSS.This issue affects Arco…
High
CVE-2025-24619
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webheadcoder WP Log Action wp-log-action allows Reflected XSS.This issue affects WP Log Action: f…
High
CVE-2025-24586
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce shipment-tracker-for-woocommerce allows Reflected XSS.…
High
CVE-2025-24553
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akadrama Shipping with Venipak for WooCommerce wc-venipak-shipping allows Reflected XSS.This issu…
High
CVE-2025-24548
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Autoglot Autoglot – Automatic WordPress Translation autoglot allows Reflected XSS.This issue affe…
High
CVE-2025-24539
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in debounce DeBounce Email Validator debounce-io-email-validator allows Reflected XSS.This issue aff…
High
CVE-2025-23858
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiren Patel Custom Users Order custom-users-order allows Reflected XSS.This issue affects Custom…
High
CVE-2025-23855
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyljp SpiderDisplay spiderdisplay allows Reflected XSS.This issue affects SpiderDisplay: from n/a…
High
CVE-2025-23782
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TotalSuite TotalContest Lite totalcontest-lite allows Reflected XSS.This issue affects TotalConte…
High
CVE-2025-23448
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dastan800 visualslider Sldier visual-slider allows Reflected XSS.This issue affects visualslider…
High
CVE-2025-23443
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Claire Ryan Author Showcase author-showcase allows Reflected XSS.This issue affects Author Showca…
High
CVE-2025-22796
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in platcom WP-Asambleas wp-asambleas allows Reflected XSS.This issue affects WP-Asambleas: from n/a…
High
CVE-2025-22774
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDL…
High
CVE-2025-22692
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rachanaS Sponsered Link sponsered-link allows Reflected XSS.This issue affects Sponsered Link: fr…
High
CVE-2025-22651
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wppluginboxdev Stylish Google Sheet Reader stylish-google-sheet-reader allows Reflected XSS.This…
High
CVE-2025-22636
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicente Ruiz Gálvez VR-Frases vr-frases allows Reflected XSS.This issue affects VR-Frases: from n…
High
CVE-2025-22565
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bill Zimmerman vooPlayer v4 vooplayer allows Reflected XSS.This issue affects vooPlayer v4: from…
2025-04-15
High
CVE-2025-32923
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Tourmaster tourmaster allows Reflected XSS.This issue affects Tourmaster: from n/a thr…
High
CVE-2025-30984
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dzynit SEO Tools seo-automatic-seo-tools allows Reflected XSS.This issue affects SEO Tools: from…
High
CVE-2025-30970
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottwallick Easy Contact easy-contact allows Reflected XSS.This issue affects Easy Contact: from…
High
CVE-2025-26746
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This…
High
CVE-2025-22263
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Global Gallery allows Reflected XSS. This issue affects Global Gallery: from n/a through…
High
CVE-2025-31011
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReichertBrothers SimplyRETS Real Estate IDX simply-rets allows Reflected XSS.This issue affects S…
High
CVE-2025-30962
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fs-code FS Poster fs-poster allows Reflected XSS.This issue affects FS Poster: from n/a through <…
High
CVE-2025-26992
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Landing Page Cat landing-page-cat allows Reflected XSS.This issue affects Landing Page…
High
CVE-2025-26954
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 1pluginjquery ZooEffect 1-jquery-photo-gallery-slideshow-flash allows Reflected XSS.This issue af…
High
CVE-2025-26743
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC.K Advance WP Query Search Filter advance-wp-query-search-filter allows Reflected XSS.This issu…
2025-04-14
High
CVE-2025-22373
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SicommNet BASEC on SaaS allows Reflected XSS, XSS Through HTTP Query Strings, Rendering of…
Medium
CVE-2024-49707
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for resetting user'…
Medium
CVE-2024-13598
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. Using a functionality of creating new form fields one creates new parameters v…
Medium
CVE-2024-13597
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form sent to login panel at /soft…
Medium
CVE-2024-10090
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for adding users wi…
Medium
CVE-2024-10088
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a login form with a malicious scrip…
Medium
CVE-2024-10087
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might craft a link containing a malicious script, which then gets d…
2025-04-11
High
CVE-2025-32632
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Automatic Ban IP automatic-ban-ip allows Reflected XSS.This issue affects Automatic…
High
CVE-2025-32601
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twispay Twispay Credit Card Payments twispay allows Reflected XSS.This issue affects Twispay Cred…
High
CVE-2025-32600
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tournamatch Tournamatch tournamatch allows Reflected XSS.This issue affects Tournamatch: from n/a…
High
CVE-2025-32599
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: f…
High
CVE-2025-32598
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Tab…
High
CVE-2025-32586
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABA Bank ABA PayWay Payment Gateway for WooCommerce aba-payway-woocommerce-payment-gateway allows…
High
CVE-2025-32553
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnigenie RestroPress restropress allows Reflected XSS.This issue affects RestroPress: from n/a…
High
CVE-2025-32551
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Reflecte…
High
CVE-2025-32541
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin WooCommerce Sales MIS Report woocommerce-mis-report allows Reflected XSS.This issu…
High
CVE-2025-32539
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Kohlbach Store Exporter woocommerce-exporter allows Reflected XSS.This issue affects Store E…
High
CVE-2025-32538
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dev02ali Easy Post Duplicator easy-post-duplicator allows Reflected XSS.This issue affects Easy P…
High
CVE-2025-32537
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rachel Cherry Lock Your Updates lock-your-updates allows Reflected XSS.This issue affects Lock Yo…
High
CVE-2025-32536
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Video Player with Playlist html5-video-player-with-playlist allows Reflected…
High
CVE-2025-32534
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Workbox Workbox Video from Vimeo & Youtube workbox-video-from-vimeo-youtube-plugin allows Reflect…
High
CVE-2025-32525
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MapGeo Interactive Geo Maps interactive-geo-maps allows Reflected XSS.This issue affects Interact…
High
CVE-2025-32524
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyWorks MyWorks WooCommerce Sync for QuickBooks Online myworks-woo-sync-for-quickbooks-online all…
High
CVE-2025-32523
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in payphone WooCommerce – Payphone Gateway wc-payphone-gateway allows Reflected XSS.This issue affec…
High
CVE-2025-32517
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SCAND MultiMailer scand-multi-mailer allows Reflected XSS.This issue affects MultiMailer: from n/…
High
CVE-2025-31379
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS.This issue affects Insert HT…
High
CVE-2025-31378
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danbwb Oppso Unit Converter oppso-unit-converter allows Reflected XSS.This issue affects Oppso Un…
High
CVE-2025-31028
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Huseyin Berberoglu WP Hide Categories wp-hide-categories allows Reflected XSS.This issue affects…
High
CVE-2025-31021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dolby_uk Mobile Smart mobile-smart allows Reflected XSS.This issue affects Mobile Smart: from n/a…
2025-04-10
Medium
CVE-2025-32027
Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. Upgrade yiisoft/yii to version 1.…
High
CVE-2025-27350
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Vice Versa vice-versa allows Reflected XSS.This issue affects Vice Versa: from n/a th…
High
CVE-2025-32116
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Studi7 QR Master qr-master allows Reflected XSS.This issue affects QR Master: from n/a through <=…
High
CVE-2025-32115
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Popping Content Light popping-content-light allows Reflected XSS.This issue affects Pop…
High
CVE-2025-32114
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5sterrenspecialist WordPress 5sterrenspecialist Plugin 5-sterrenspecialist allows Reflected XSS.T…
2025-04-09
High
CVE-2025-32575
Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Reflected XSS.This issue affects WP w3all phpBB: from n/a through <= 2.9.9.
High
CVE-2025-32556
Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Simple Post Meta Manager simple-post-meta-manager allows Reflected XSS.This issue affects Simple Post Meta Manager: from n/a through <…
High
CVE-2025-32543
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hivedigital Canonical Attachments canonical-attachments allows Reflected XSS.This issue affects C…
2025-04-08
High
CVE-2025-32117
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light widgetize-pages-light allows Reflected XSS.This issue affects Wid…
High
CVE-2025-22466
Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.
Medium
CVE-2025-22465
Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely us…
2025-04-04
High
CVE-2025-31418
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6.
High
CVE-2025-31416
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Reflected XSS.This issue affects A…
High
CVE-2025-31389
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Introvoke Inc. dba Sequel.io Sequel sequel allows Reflected XSS.This issue affects Sequel: from n…
High
CVE-2025-31384
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5.
High
CVE-2025-22282
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keksdieb ez Form Calculator Premium ez-form-calculator-premium allows Reflected XSS.This issue af…
2025-04-03
High
CVE-2025-31907
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Team Builder team-display allows Reflected XSS.This issue affects Team Builder: from…
High
CVE-2025-31905
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: fr…
High
CVE-2025-31903
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows Reflected XSS.This issue affects XV Random Qu…
High
CVE-2025-31902
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows R…
High
CVE-2025-31901
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digihood Digihood HTML Sitemap wedesin-html-sitemap allows Reflected XSS.This issue affects Digih…
High
CVE-2025-31900
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lexicata Lexicata lexicata allows Reflected XSS.This issue affects Lexicata: from n/a through <=…
High
CVE-2025-31899
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpshopee Awesome Logos awesome-logos allows Reflected XSS.This issue affects Awesome Logos: from…
High
CVE-2025-31898
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dustinscarberry MediaView mediaview allows Reflected XSS.This issue affects MediaView: from n/a t…
High
CVE-2025-31626
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M. Ali Saleem Support Helpdesk Ticket System Lite ticket-help-desk-system-lite allows Reflected X…
High
CVE-2025-31536
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Reflected XSS.This issue affects CF7 Spreadshe…
High
CVE-2025-31468
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottsm WP_Identicon wp-identicon allows Reflected XSS.This issue affects WP_Identicon: from n/a…
High
CVE-2025-31467
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in miro.mannino Flickr Photostream flickr-photostream allows Reflected XSS.This issue affects Flickr…
High
CVE-2025-31442
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e1tekoap42 Search engine keywords highlighter keywords-highlight-tool allows Reflected XSS.This i…
High
CVE-2025-31436
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Angelo Mandato Blubrry PowerPress Podcasting plugin MultiSite add-on powerpress-multisite allows…