High
CVE-2025-53575
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in primersoftware Primer MyData for Woocommerce allows Reflected XSS. This issue affects Primer MyDa…
Read moreTag: Reflected XSS
All CVEs associated with "Reflected XSS". Page 1/1 • 48 CVEs.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-08-14
Medium
CVE-2025-54683
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify WP Modal Popup with Cookie Integration allows Reflected XSS. This issue affects WP Mod…
Read more
High
CVE-2025-52788
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson CaptionPix allows Reflected XSS. This issue affects CaptionPix: from n/a through…
Read more
High
CVE-2025-49064
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch allows Reflected XSS. This issue affects User Language Switch: from…
Read more
High
CVE-2025-49063
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in i3geek BaiduXZH Submit(百度熊掌号) allows Reflected XSS. This issue affects BaiduXZH Submit(百度熊掌号): fr…
Read more
High
CVE-2025-49062
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornfeed WP-jScrollPane allows Reflected XSS. This issue affects WP-jScrollPane: from n/a through…
Read more
High
CVE-2025-49058
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sound Strategies SoundSt SEO Search allows Reflected XSS. This issue affects SoundSt SEO Search:…
Read more
High
CVE-2025-49057
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ko Min WP Voting allows Reflected XSS. This issue affects WP Voting: from n/a through 1.8.
Read more
High
CVE-2025-49056
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shen2 多说社会化评论框 allows Reflected XSS. This issue affects 多说社会化评论框: from n/a through 1.2.
Read more
High
CVE-2025-49054
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny Time Sheets allows Reflected XSS. This issue affects Time Sheets: from n/a through 2.1.3.
Read more
High
CVE-2025-49038
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soflyy WP Dynamic Links allows Reflected XSS. This issue affects WP Dynamic Links: from n/a throu…
Read more
High
CVE-2025-49037
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Federico Rota Authentication and xmlrpc log writer allows Reflected XSS. This issue affects Authe…
Read more
High
CVE-2025-47689
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in johnh10 Video Blogster Lite allows Reflected XSS. This issue affects Video Blogster Lite: from n/…
Read more
High
CVE-2025-31007
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alvind Billplz Addon for Contact Form 7 allows Reflected XSS. This issue affects Billplz Addon fo…
Read more
High
CVE-2025-30626
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Multimedia Playlist Slider Addon for WPBakery Page Builder allows Reflected XSS. Thi…
Read more
High
CVE-2025-29014
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt FoodMenu allows Reflected XSS. This issue affects FoodMenu: from n/a through 1.20.
Read more
High
CVE-2025-28999
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Pa…
Read more
High
CVE-2025-28975
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redqteam Alike - WordPress Custom Post Comparison allows Reflected XSS. This issue affects Alike…
Read more2025-08-08
High
CVE-2020-9322
The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This can be exploited via CSRF. Stored XSS can occur via a JavaScript payload in a username during account…
Read more2025-08-06
Medium
CVE-2025-32430
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 throug…
Read more2025-07-28
Medium
CVE-2025-54534
In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page
Read more2025-07-23
Medium
CVE-2025-54295
A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.
Read more2025-07-22
Medium
CVE-2025-4284
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rolantis Information Technologies Agentis allows Reflected XSS, DOM-Based XSS.This issue a…
Read more2025-07-21
High
CVE-2025-53528
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in FastAPI. In versions before 5.4.3, the version parameter of the "/docs" endpoint is vulnerable to a Reflected XSS…
Read more2025-07-18
Medium
CVE-2025-50056
A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter.
Read more2025-07-16
Medium
CVE-2025-53926
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via…
Read more
High
CVE-2025-52787
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings allows Reflected XSS. This issue affects Tennis Court Bookings:…
Read more
High
CVE-2025-52786
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kingdom Creation Media Folder allows Reflected XSS. This issue affects Media Folder: from n/a thr…
Read more
High
CVE-2025-52779
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karimmughal Dot html,php,xml etc pages allows Reflected XSS. This issue affects Dot html,php,xml…
Read more
High
CVE-2025-52777
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmsMinds Pay with Contact Form 7 allows Reflected XSS. This issue affects Pay with Contact Form 7…
Read more
High
CVE-2025-49031
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefan M. SMu Manual DoFollow allows Reflected XSS. This issue affects SMu Manual DoFollow: from…
Read more
High
CVE-2025-48345
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft Contact Form 7 Editor Button allows Reflected XSS. This issue affects Contact Form 7 Edit…
Read more
High
CVE-2025-47652
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global allows Reflected XSS. This issue affects Infility Global: from n/a throu…
Read more
High
CVE-2025-47554
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs CSS3 Compare Pricing Tables for WordPress allows Reflected XSS. This issue affects C…
Read more
High
CVE-2025-46500
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Wordpress Auto Spinner allows Reflected XSS. This issue affects Wordpress Auto Spinner…
Read more
High
CVE-2025-31427
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes Invico - WordPress Consulting Business Theme allows Reflected XSS. This issue affect…
Read more
High
CVE-2025-31072
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes Ofiz - WordPress Business Consulting Theme allows Reflected XSS. This issue affects…
Read more
High
CVE-2025-31055
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vergatheme Electrician - Electrical Service WordPress allows Reflected XSS. This issue affects El…
Read more
High
CVE-2025-30955
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes ListingEasy allows Reflected XSS. This issue affects ListingEasy: from n/a through 1.9.…
Read more2025-06-27
High
CVE-2025-49321
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin allows Reflected XSS. This issue affects Eventin: from n/a through 4.0.28.
Read more2025-04-01
High
CVE-2025-30844
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Watu Quiz allows Reflected XSS. This issue affects Watu Quiz: from n/a through 3.4.2.
Read more2025-02-24
High
CVE-2025-26530
The question bank filter required additional sanitizing to prevent a reflected XSS risk.
Read more2025-01-21
High
CVE-2025-22763
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Brizy Pro allows Reflected XSS. This issue affects Brizy Pro: from n/a through 2.6.1.
Read more2024-10-05
High
CVE-2024-47384
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One] allows Reflected XSS.This issue aff…
Read more2024-08-29
High
CVE-2024-43958
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a thr…
Read more2024-08-21
High
CVE-2024-21690
This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.…
Read more2024-08-18
High
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5.
Read more2024-03-26
High
CVE-2023-33322
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n…
Read more