Medium
CVE-2024-35731
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Moose Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenber…
Tag: Stored XSS
All CVEs associated with "Stored XSS". Page 28/45 • 5376 CVEs.
Subscribe CVEs: RSS for “Stored XSS” · RSS (High+Critical only)
About “Stored XSS”
A curated feed of “Stored XSS”-related CVEs appears below. We currently track 5376 CVEs for this tag (all time). In the last 365 days, 1195 were published. Average CVSS is 6.2 (all time; 6.4 over 365d), and 18% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-06-08
Medium
CVE-2024-35756
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS.This issue affects Tooltip CK: from n/a thr…
Medium
CVE-2024-35755
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in El tiempo Weather Widget Pro allows Stored XSS.This issue affects Weather Widget Pro: from…
Medium
CVE-2024-35753
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemplatesNext TemplatesNext OnePager allows Stored XSS.This issue affects TemplatesNext On…
2024-06-07
Medium
CVE-2024-5003
The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored…
2024-06-06
Medium
CVE-2024-5278
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its `/upload` endpoint. Specifically, the `handle_file_u…
2024-06-05
Medium
CVE-2024-20405
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vuln…
2024-06-04
Medium
CVE-2024-34759
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VideoWhisper Picture Gallery allows Stored XSS.This issue affects Picture Gallery: from n/…
Medium
CVE-2024-35651
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a th…
Medium
CVE-2024-35649
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF p…
Medium
CVE-2024-35782
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Ele…
Medium
CVE-2024-35666
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS.This issue affects Themesflat…
Medium
CVE-2024-35654
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive allows Stored XSS.This issue affects Responsive: from n/a through 5…
2024-06-03
Medium
CVE-2024-34770
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Popup Maker Popup Maker WP popup-maker-wp allows Stored XSS.This issue affects Popup Maker WP: fr…
Medium
CVE-2024-34769
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in cyclonetheme Elegant Blocks allows Stored XSS.This issue affects Elegant Blocks: from n/a…
Medium
CVE-2024-34767
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue affects ShopLentor: from n/a through 2.8…
Medium
CVE-2024-34766
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic ChaosTheory allows Stored XSS.This issue affects ChaosTheory: from n/a through…
Medium
CVE-2024-34764
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential…
Medium
CVE-2024-34797
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Benoit Mercusot Simple Popup Manager allows Stored XSS.This issue affects Simple Popup Man…
Medium
CVE-2024-34796
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.…
Medium
CVE-2024-34793
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kharim Tomlinson WP Next Post Navi allows Stored XSS.This issue affects WP Next Post Navi:…
Medium
CVE-2024-34791
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpbean WPB Elementor Addons allows Stored XSS.This issue affects WPB Elementor Addons: fro…
Medium
CVE-2024-34790
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue af…
Medium
CVE-2024-34789
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor…
Medium
CVE-2024-35640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS.This issue affects Safety Exit: from n/a throu…
Medium
CVE-2024-35643
Cross Site Scripting (XSS) vulnerability in Xabier Miranda WP Back Button allows Stored XSS.This issue affects WP Back Button: from n/a through 1.1.3.
Medium
CVE-2024-35642
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bryan Hadaway Site Favicon allows Stored XSS.This issue affects Site Favicon: from n/a thr…
Medium
CVE-2024-35641
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GregRoss Just Writing Statistics allows Stored XSS.This issue affects Just Writing Statist…
Medium
CVE-2024-37031
The Active Admin (aka activeadmin) framework before 3.2.2 for Ruby on Rails allows stored XSS in certain situations where users can create entities (to be later edited in forms) with arbitrary names,…
2024-06-02
Medium
CVE-2024-35647
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Notification Bar allows Stored XSS.This issue affects Global Notification Bar: from…
2024-05-31
Medium
CVE-2024-34000
ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.
Medium
CVE-2024-33998
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.
Medium
CVE-2024-33997
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation.
2024-05-29
Medium
CVE-2024-36374
In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible
Medium
CVE-2024-36373
In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible
Medium
CVE-2024-36371
In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible
Medium
CVE-2024-36370
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
Medium
CVE-2024-36369
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible
Medium
CVE-2024-36367
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible
Medium
CVE-2024-36363
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 several Stored XSS in code inspection reports were possible
Medium
CVE-2024-27313
Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version 6610.
2024-05-27
Low
CVE-2024-27314
Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request det…
Medium
CVE-2024-4534
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin…
2024-05-24
High
CVE-2023-49575
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Enterprise 10.4.18 version, that could allow…
High
CVE-2023-49574
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /add_job in job_name. This vulnerability could all…
High
CVE-2023-49573
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /add_command_action in action_value. This vulnerab…
High
CVE-2023-49572
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /se…
2024-05-23
High
CVE-2024-35224
OpenProject is the leading open source project management software. OpenProject utilizes `tablesorter` inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS v…
Medium
CVE-2024-5165
In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutrali…
2024-05-17
High
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).
Medium
CVE-2024-34575
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Eleme…
Medium
CVE-2024-34567
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a…
Medium
CVE-2024-32800
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from…
2024-05-16
Medium
CVE-2024-34805
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webvitaly iFrame allows Stored XSS.This issue affects iFrame: from n/a through 5.0.
Medium
CVE-2024-34760
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockart Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a…
Medium
CVE-2024-35302
In JetBrains TeamCity before 2023.11 stored XSS during restore from backup was possible
Low
CVE-2024-35300
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
2024-05-15
Low
CVE-2024-3823
The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make log…
2024-05-14
High
CVE-2024-28165
SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiali…
High
CVE-2024-4747
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Propovoice Propovoice CRM allows Stored XSS.This issue affects Propovoice CRM: from n/a through 1…
Medium
CVE-2024-3941
The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add…
High
CVE-2024-3903
The Add Custom CSS and JS WordPress plugin through 1.20 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in as auth…
Medium
CVE-2024-3582
The UnGallery WordPress plugin through 2.2.4 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored X…
Medium
CVE-2024-35170
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hidden Depth Sticky banner allows Stored XSS.This issue affects Sticky banner: from n/a through 1…
Medium
CVE-2024-35167
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affe…
Medium
CVE-2024-34811
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.5.1.
High
CVE-2024-34707
Nautobot is a Network Source of Truth and Network Automation Platform. A Nautobot user with admin privileges can modify the `BANNER_TOP`, `BANNER_BOTTOM`, and `BANNER_LOGIN` configuration settings vi…
Medium
CVE-2024-34445
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor…
Medium
CVE-2024-34441
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bootstrapped Ventures Easy Affiliate Links allows Stored XSS.This issue affects Easy Affiliate Li…
Medium
CVE-2024-34437
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10…
Medium
CVE-2024-34436
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor…
Medium
CVE-2024-34432
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons better-elementor-addons allows Stored XSS.This issue affects…
Medium
CVE-2024-34430
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rashed Latif TT Custom Post Type Creator allows Stored XSS.This issue affects TT Custom Post Type…
Medium
CVE-2024-34429
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data allows Stored XSS.This issue affects Coro…
Medium
CVE-2024-34428
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harknell AWSOM News Announcement allows Stored XSS.This issue affects AWSOM News Announcement: fr…
Medium
CVE-2024-34426
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benoti Brozzme Scroll Top allows Stored XSS.This issue affects Brozzme Scroll Top: from n/a throu…
Medium
CVE-2024-34425
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Baylog QuickieBar allows Stored XSS.This issue affects QuickieBar: from n/a through 1.8.4.
Medium
CVE-2024-34424
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iePlexus Featured Content Gallery allows Stored XSS.This issue affects Featured Content Gallery:…
Medium
CVE-2024-34423
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phpbits Forty Four – 404 Plugin for WordPress allows Stored XSS.This issue affects Forty Four – 4…
Medium
CVE-2024-34422
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in trinhtuantai Viet Affiliate Link allows Stored XSS.This issue affects Viet Affiliate Link: from n…
Medium
CVE-2024-34421
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsurface BlogLentor allows Stored XSS.This issue affects BlogLentor: from n/a through 1.0.8.
Medium
CVE-2024-34420
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in talspotim Comments Evolved for WordPress allows Stored XSS.This issue affects Comments Evolved fo…
Medium
CVE-2024-34419
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nathan Vonnahme Configure Login Timeout allows Stored XSS.This issue affects Configure Login Time…
Medium
CVE-2024-34418
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tech9logy Creators WPCS ( WordPress Custom Search ) allows Stored XSS.This issue affects WPCS ( W…
Medium
CVE-2024-34417
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Toidicode.Com (thanhtaivtt) Viet Nam Affiliate allows Stored XSS.This issue affects Viet Nam Affi…
Medium
CVE-2024-34415
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows Stored XSS.This issue affects Thim Elementor Kit: from n/a th…
Medium
CVE-2024-33955
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a throug…
Medium
CVE-2024-33954
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atanas Yonkov Pliska allows Stored XSS.This issue affects Pliska: from n/a through 0.3.5.
Medium
CVE-2024-33953
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a…
Medium
CVE-2024-33952
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Unique allows Stored XSS.This issue affects Unique: from n/a through 0.3.0.
Medium
CVE-2024-33951
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam DeHaven Perfect Pullquotes allows Stored XSS.This issue affects Perfect Pullquotes: from n/a…
2024-05-08
Medium
CVE-2024-34561
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plu…
Medium
CVE-2024-34560
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GOMO gee Search Plus allows Stored XSS.This issue affects gee Search Plus: from n/a through 1.4.4.
Medium
CVE-2024-34558
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2.
Medium
CVE-2024-34548
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8.
Medium
CVE-2024-34547
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For El…
Medium
CVE-2024-34414
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nobita allows Stored XSS.This issue affects raindrops: from n/a through 1.600.
Medium
CVE-2024-34570
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a t…
Medium
CVE-2024-34568
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeqx LetterPress allows Stored XSS.This issue affects LetterPress: from n/a through 1.2.1.
Medium
CVE-2024-34566
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Conte…
Medium
CVE-2024-34565
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debug Info allows Stored XSS.This issue affects Debug Info: from n/a through 1.3.10.
Medium
CVE-2024-34564
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt Inc. Counter Up allows Stored XSS.This issue affects Counter Up: from n/a through 2.2.1.
Medium
CVE-2024-34563
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoldAddons Gold Addons for Elementor allows Stored XSS.This issue affects Gold Addons for Element…
Medium
CVE-2024-34562
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Element…
Medium
CVE-2024-34572
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePrix Fancy Elementor Flipbox fancy-elementor-flipbox allows Stored XSS.This issue affects Fa…
Medium
CVE-2024-34571
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.0.
Medium
CVE-2024-34574
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpsoul Table Maker allows Stored XSS.This issue affects Table Maker: from n/a through 1.9.1.
Medium
CVE-2024-34573
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pootlepress Pootle Pagebuilder – WordPress Page builder allows Stored XSS.This issue affects Poot…
2024-05-06
Medium
CVE-2024-34413
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SliceWP allows Stored XSS.This issue affects SliceWP: from n/a through 1.1.10.
Medium
CVE-2024-34390
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonMaster Post Grid Master allows Stored XSS.This issue affects Post Grid Master: from n/a thro…
Medium
CVE-2024-34381
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.10.
Medium
CVE-2024-34380
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational…
Medium
CVE-2024-34376
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Edge allows Stored XSS.This issue affects Edge: from n/a through 2.0.9.
Medium
CVE-2024-34375
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Sheets To WP Table Live Sync allows Stored XSS.This issue affects Sheets To WP Table Live…
Medium
CVE-2024-34374
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows Stored XSS.This issue affects ElementsReady…
Medium
CVE-2024-34366
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AltText.Ai Download Alt Text AI allows Stored XSS.This issue affects Download Alt Text AI: from n…
2024-05-03
Medium
CVE-2024-33927
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team GIPHY Giphypress allows Stored XSS.This issue affects Giphypress: from n/a through 1.6.2.
Medium
CVE-2024-33926
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0.
Medium
CVE-2024-33918
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affect…
Medium
CVE-2024-33916
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MachoThemes CPO Companion allows Stored XSS.This issue affects CPO Companion: from n/a through 1.…