Medium
CVE-2024-50445
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in merkulove Selection Lite selection-lite allows Stored XSS.This issue affects Selection Lite: from…
Tag: Stored XSS
All CVEs associated with "Stored XSS". Page 24/45 • 5376 CVEs.
Subscribe CVEs: RSS for “Stored XSS” · RSS (High+Critical only)
About “Stored XSS”
A curated feed of “Stored XSS”-related CVEs appears below. We currently track 5376 CVEs for this tag (all time). In the last 365 days, 1195 were published. Average CVSS is 6.2 (all time; 6.4 over 365d), and 18% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-10-28
Medium
CVE-2024-50441
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a thr…
Medium
CVE-2024-50440
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode codepen-embedded-pen-shortcode allows Stored XSS.Thi…
Medium
CVE-2024-50439
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets:…
Medium
CVE-2024-50582
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements
Medium
CVE-2024-50578
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page
Medium
CVE-2024-50577
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings
Medium
CVE-2024-50576
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest
Medium
CVE-2024-50472
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in martindrapeau Amilia Store amilia-store allows Stored XSS.This issue affects Amilia Store: from n…
2024-10-25
Medium
CVE-2022-30360
OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS (AKA Persistent or Type II) vulnerabilities via a POST request to /profile/updateProfile via the slackid or phone parameters. Authentic…
2024-10-24
Medium
CVE-2024-45031
When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users du…
Medium
CVE-2024-49702
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred Elementor mycred-for-elementor allows Stored XSS.This issue affects myCred Elem…
Medium
CVE-2024-49696
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows Stored XSS.This issue affects Robo Gallery: from n/a th…
Medium
CVE-2024-49695
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from…
Medium
CVE-2024-49693
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affec…
2024-10-23
Medium
CVE-2024-20387
A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due…
2024-10-20
High
CVE-2024-49629
Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through <= 2…
High
CVE-2024-49605
Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2.
High
CVE-2024-49335
Cross-Site Request Forgery (CSRF) vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through <= 2.2.2.
Medium
CVE-2024-49631
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md Abdul Kader Easy Addons for Elementor easy-addons-for-elementor allows Stored XSS.This issue a…
Medium
CVE-2024-49630
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems WP Education wp-education allows Stored XSS.This issue affects WP Education: from n/a th…
Medium
CVE-2024-48049
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder mighty-builder allows Stored XSS.This issue affects Mighty Builder:…
2024-10-18
Medium
CVE-2024-43300
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a…
Medium
CVE-2024-49231
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from…
Medium
CVE-2024-49228
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edwin Rivera bVerse Convert bverse-convert allows Stored XSS.This issue affects bVerse Convert: f…
Medium
CVE-2024-49225
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swebdeveloper wpPricing Builder wppricing-builder-lite-responsive-pricing-table-builder allows St…
2024-10-17
Medium
CVE-2024-49288
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Email Template Customizer for WooCommerce email-template-customizer-for-woo allows Sto…
Medium
CVE-2024-49282
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Responsive Lightbox responsive-lightbox allows Stored XSS.This issue affects Responsive…
Medium
CVE-2024-49281
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored…
Medium
CVE-2024-49280
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider – Responsive Lightbox Gallery simple-lightbo…
Medium
CVE-2024-49279
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Floeter Hyperlink Group Block hyperlink-group-block allows Stored XSS.This issue affects H…
High
CVE-2024-49278
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a throug…
Medium
CVE-2024-49277
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Stored XSS.This issue a…
Medium
CVE-2024-49264
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Events Addon for Elementor events-addon-for-elementor allows Stored XSS.This issue af…
Medium
CVE-2024-49263
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama My Favorites my-favorites allows Stored XSS.This issue affects My Favorites: fr…
Medium
CVE-2024-49262
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wepic Country Flags for Elementor allows Stored XSS.This issue affects Country Flags for E…
Medium
CVE-2024-49259
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Primary Addon for Elementor primary-addon-for-elementor allows Stored XSS.This issue…
Medium
CVE-2024-49255
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele Alessandra Da Reactions da-reactions allows Stored XSS.This issue affects Da Reactions: f…
Medium
CVE-2024-49311
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Stored XSS.This issue affects Edwiser Bridge: from…
Medium
CVE-2024-49310
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows Stored XSS.This…
Medium
CVE-2024-49307
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Stored XSS.This issue affects Ad…
Medium
CVE-2024-49302
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in portfoliohub WordPress Portfolio Builder – Portfolio Gallery uber-grid allows Stored XSS.This iss…
Medium
CVE-2024-49301
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sinan Yorulmaz G Meta Keywords g-meta-keywords allows Stored XSS.This issue affects G Meta Keywor…
Medium
CVE-2024-49298
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice pepro-ultimate-invoice allows Stored XSS.This issue af…
Medium
CVE-2024-49296
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JC Custom Add to Cart Button Label and Link woo-custom-cart-button allows Stored XSS.This issue a…
Medium
CVE-2024-49295
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase simple-testimonials-showcase allows Stored XSS.This issu…
Medium
CVE-2024-49292
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This iss…
Medium
CVE-2024-49289
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gora Tech LLC Cooked Pro allows Stored XSS.This issue affects Cooked Pro: from n/a before…
High
CVE-2024-49313
Cross-Site Request Forgery (CSRF) vulnerability in rudestan VKontakte Wall Post vkontakte-wall-post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through <= 2.0.
Medium
CVE-2024-49304
Cross-Site Request Forgery (CSRF) vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.7.
High
CVE-2024-49237
Cross-Site Request Forgery (CSRF) vulnerability in ahmeti Ahmeti Wp Timeline ahmeti-wp-timeline allows Stored XSS.This issue affects Ahmeti Wp Timeline: from n/a through <= 5.1.
High
CVE-2024-48048
Cross-Site Request Forgery (CSRF) vulnerability in GabbyKhrmon Wsify Widget wsify-widget allows Stored XSS.This issue affects Wsify Widget: from n/a through <= 1.0.
Medium
CVE-2024-48046
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Stored XSS.This issue affect…
Medium
CVE-2024-48025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dogrow Simple Baseball Scoreboard simple-baseball-scoreboard allows Stored XSS.This issue affects…
Medium
CVE-2024-48022
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SysBasics Shortcode For Elementor Templates allows Stored XSS.This issue affects Shortcode…
Medium
CVE-2024-49593
In Advanced Custom Fields (ACF) before 6.3.9 and Secure Custom Fields before 6.3.6.3 (plugins for WordPress), using the Field Group editor to edit one of the plugin's fields can result in execution o…
2024-10-16
Medium
CVE-2024-49267
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nayon46 Unlimited Addon For Elementor unlimited-addon-for-elementor allows Stored XSS.This issue…
Medium
CVE-2024-49270
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Smart Blocks smart-blocks allows Stored XSS.This issue affects Smart Blocks: from n/a…
2024-10-11
Medium
CVE-2024-48041
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue…
2024-10-08
Low
CVE-2024-47951
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
Low
CVE-2024-47950
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
Medium
CVE-2024-9021
In the process of testing the Relevanssi WordPress plugin before 4.23.1, a vulnerability was found that allows you to implement Stored XSS on behalf of the Contributor+ by embedding malicious script…
2024-10-07
Medium
CVE-2024-43365
Cacti is an open source performance and fault management framework. The`consolenewsection` parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewse…
Medium
CVE-2024-43364
Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stor…
High
CVE-2024-43362
Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i…
2024-10-06
Medium
CVE-2024-47650
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through…
Medium
CVE-2024-44040
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plainware ShiftController Employee Shift Scheduling shiftcontroller allows Stored XSS.This issue…
Medium
CVE-2024-44039
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel wp-travel allows Stored XSS.This issue affects WP Travel: from n/a through <=…
Medium
CVE-2024-44037
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam Multipurpose Ticket Booking Manager bus-booking-manager allows Stored XSS.This iss…
Medium
CVE-2024-44036
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes allows Stored XSS.This issue affects Kodex Pos…
Medium
CVE-2024-44035
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon gum-elementor-addon allows Stored XSS.This issue affects Gum Elementor…
Medium
CVE-2024-44033
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Primary Addon for Elementor primary-addon-for-elementor allows Stored XSS.This issue…
Medium
CVE-2024-44032
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Restaurant & Cafe Addon for Elementor restaurant-cafe-addon-for-elementor allows Stor…
High
CVE-2024-44028
Cross-Site Request Forgery (CSRF) vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through < 3.6.5.
Medium
CVE-2024-44027
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon gum-elementor-addon allows Stored XSS.This issue affects Gum Elementor…
Medium
CVE-2024-44026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Charity Addon for Elementor charity-addon-for-elementor allows Stored XSS.This issue…
Medium
CVE-2024-44025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through < 3.6.5.
Medium
CVE-2024-44024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Medical Addon for Elementor medical-addon-for-elementor allows Stored XSS.This issue…
Medium
CVE-2024-44022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Trustmary Review & testimonial widgets trustmary allows Stored XSS.This issue affects Review & te…
Medium
CVE-2024-44010
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Full frame full-frame allows Stored XSS.This issue affects Full frame: from n/a throu…
High
CVE-2024-47320
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Westguard WS Form LITE ws-form allows Stored XSS.This issue affects WS Form LITE: from n/a t…
Medium
CVE-2024-47313
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Catch Base catch-base allows Stored XSS.This issue affects Catch Base: from n/a throu…
Medium
CVE-2024-47310
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Ligh…
Medium
CVE-2024-47307
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Essential Plugin Meta slider and carousel with lightbox meta-slider-and-carousel-with-lightbox al…
High
CVE-2024-47306
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscri…
High
CVE-2024-47301
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bit Apps Bit Form bit-form allows Stored XSS.This issue affects Bit Form: from n/a through <= 2.1…
High
CVE-2024-47300
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Stored XSS.This issue affects CubeWP Forms: from n…
Medium
CVE-2024-47299
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows S…
Medium
CVE-2024-47298
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Bui…
Medium
CVE-2024-44046
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify – WooCommerce Product Filter themify-wc-product-filter allows Stored XSS.This i…
Medium
CVE-2024-44045
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Stored XSS.This issue affects W…
Medium
CVE-2024-44043
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by…
Medium
CVE-2024-44042
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Datepicker wp-datepicker allows Stored XSS.This issue affects WP Datepicker: fro…
Medium
CVE-2024-44041
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Northern Beaches Websites IdeaPush ideapush allows Stored XSS.This issue affects IdeaPush: from n…
Medium
CVE-2024-47355
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a thr…
High
CVE-2024-47352
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Stored XSS.This issue affects WP Bulk Delete: f…
Medium
CVE-2024-47345
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates astra-sites allows Stored XSS.This issue affects Starter Templ…
Medium
CVE-2024-47343
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affec…
Medium
CVE-2024-47342
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Accordion accordions allows Stored XSS.This issue affects Accordion: from n/a through…
Medium
CVE-2024-47340
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Gr…
Medium
CVE-2024-47336
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows Stored XSS.This issue affects Ter…
Medium
CVE-2024-47332
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor sky-elementor-addons allows Stored XSS.This issue affects Sky Ad…
Medium
CVE-2024-47368
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress premium-blocks-for-gutenberg allows Stored…
Medium
CVE-2024-47366
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Stored XSS.This…
Medium
CVE-2024-47365
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atakan Au Automatically Hierarchic Categories in Menu automatically-hierarchic-categories-in-menu…
Medium
CVE-2024-47364
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor move-addons allows Stored XSS.This issue affects Move Addons…
Medium
CVE-2024-47363
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare blockspare allows Stored XSS.This issue affects Blockspare: from n/a throug…
Medium
CVE-2024-47357
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Stored XSS.This issue affec…
Medium
CVE-2024-47356
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Create create allows Stored XSS.This issue affects Create: from n/a through <= 2.9.1.
2024-10-05
Medium
CVE-2024-47377
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themekraft BuddyForms buddyforms allows Stored XSS.This issue affects BuddyForms: from n/a throug…
Medium
CVE-2024-47375
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon XLTab – Accordions and Tabs for Elementor Page Builder xl-tab allows Stored XSS.This iss…
High
CVE-2024-47374
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteS…
Medium
CVE-2024-47373
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteS…
Medium
CVE-2024-47372
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/…
Medium
CVE-2024-47371
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Walter Pinem WP MyLinks wp-mylinks allows Stored XSS.This issue affects WP MyLinks: from n/a thro…
Medium
CVE-2024-47370
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Stored XSS.This issue affects Author…
Medium
CVE-2024-47623
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Li…
Medium
CVE-2024-47622
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Stored XSS.This issue affects Advanced Woo L…
Medium
CVE-2024-47621
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Zotpress zotpress allows Stored XSS.This issue affects Zotpress: from n/a through <= 7.3.10.
Medium
CVE-2024-47393
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohamed Magdy Quill Forms quillforms allows Stored XSS.This issue affects Quill Forms: from n/a t…