Medium
CVE-2024-32831
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lorna Timbah (webgrrrl) Accessibility Widget allows Stored XSS.This issue affects Accessibility W…
Tag: Stored XSS
All CVEs associated with "Stored XSS". Page 29/45 • 5376 CVEs.
Subscribe CVEs: RSS for “Stored XSS” · RSS (High+Critical only)
About “Stored XSS”
A curated feed of “Stored XSS”-related CVEs appears below. We currently track 5376 CVEs for this tag (all time). In the last 365 days, 1195 were published. Average CVSS is 6.2 (all time; 6.4 over 365d), and 18% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-05-03
Medium
CVE-2024-33945
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects El…
Medium
CVE-2024-33943
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyKite Ultimate Under Construction allows Stored XSS.This issue affects Ultimate Under Constru…
Medium
CVE-2024-33940
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashan Jay EventON allows Stored XSS.This issue affects EventON: from n/a through 2.2.14.
Medium
CVE-2024-33936
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Print-O-Matic allows Stored XSS.This issue affects Print-O-Matic: from n/a through 2…
Medium
CVE-2024-33935
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pascal Bajorat PB MailCrypt allows Stored XSS.This issue affects PB MailCrypt: from n/a through 3…
Medium
CVE-2024-33934
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Mini Loops allows Stored XSS.This issue affects Mini Loops: from n/a through 1.4.1.
Medium
CVE-2024-33932
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vinod Dalvi Login Logout Register Menu allows Stored XSS.This issue affects Login Logout Register…
Medium
CVE-2024-34401
Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter.
2024-05-02
Medium
CVE-2024-33949
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vark Min and Max Purchase for WooCommerce allows Stored XSS.This issue affects Min and Max Purcha…
Medium
CVE-2024-33948
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixel Industry TweetScroll Widget allows Stored XSS.This issue affects TweetScroll Widget: from n…
Medium
CVE-2024-4433
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr Digital Simple Image Popup allows Stored XSS.This issue affects Simple Image Popup: from n/a t…
2024-04-29
Medium
CVE-2024-33684
Missing Authorization vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.0.
Medium
CVE-2024-33631
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For…
Medium
CVE-2024-33630
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elem…
Medium
CVE-2024-33540
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGrill ColorNews allows Stored XSS.This issue affects ColorNews: from n/a through 1.2.6.
Medium
CVE-2024-33539
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZO…
Medium
CVE-2024-33537
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4.
Medium
CVE-2024-33649
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor…
Medium
CVE-2024-33643
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most…
Medium
CVE-2024-33640
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/…
2024-04-26
Low
CVE-2024-3076
The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Sto…
Medium
CVE-2024-4234
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS.This issue affects Filterable Portfolio: from…
Medium
CVE-2024-33697
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rimes Gold CF7 File Download – File Download for CF7 allows Stored XSS.This issue affects CF7 Fil…
Medium
CVE-2024-33696
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet XPRESS WordPress Ad Widget allows Stored XSS.This issue affects WordPress Ad Widget:…
Medium
CVE-2024-33695
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode Fan Page Widget by ThemeNcode allows Stored XSS.This issue affects Fan Page Widget by…
Medium
CVE-2024-33694
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks ThemeForest Smart Widget allows Stored XSS.This issue affects Meks ThemeForest Smart Wi…
Medium
CVE-2024-33693
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks Smart Social Widget allows Stored XSS.This issue affects Meks Smart Social Widget: from…
Medium
CVE-2024-33692
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget:…
Medium
CVE-2024-33642
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EkoJR Advanced Post List allows Stored XSS.This issue affects Advanced Post List: from n/a throug…
Medium
CVE-2024-33639
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1.
Medium
CVE-2024-33598
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through…
Medium
CVE-2024-3058
The ENL Newsletter WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Sto…
2024-04-24
Medium
CVE-2024-32707
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Image Slider Widget allows Stored XSS.This issue affects Image Slider Widget: from n/a t…
Medium
CVE-2024-32723
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Tides Advanced Floating Content allows Stored XSS.This issue affects Advanced Floating Conte…
Medium
CVE-2024-32722
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code…
Medium
CVE-2024-32721
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a throu…
Medium
CVE-2024-32834
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping La…
Medium
CVE-2024-32833
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Halsey List Custom Taxonomy Widget allows Stored XSS.This issue affects List Custom Taxonomy…
Medium
CVE-2024-32801
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin Widget Post Slider allows Stored XSS.This issue affects Widget Post Slider: from n/a…
2024-04-22
Medium
CVE-2024-32697
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.5.
Medium
CVE-2024-32696
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – i…
Medium
CVE-2024-32690
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS.This issue affects RSS Feed Widget: from n/a thro…
2024-04-19
Medium
CVE-2024-2761
The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.
2024-04-18
Medium
CVE-2024-32552
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2.
Medium
CVE-2023-49768
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembl…
Medium
CVE-2024-32586
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block E…
Medium
CVE-2024-32584
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For…
High
CVE-2024-32582
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2…
Medium
CVE-2024-32581
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: fro…
Medium
CVE-2024-32580
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8.
Medium
CVE-2024-32579
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issu…
Medium
CVE-2024-32577
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Book…
Medium
CVE-2024-32576
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: fr…
Medium
CVE-2024-32575
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1…
Medium
CVE-2024-32572
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elemento…
Medium
CVE-2024-32571
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a throu…
Medium
CVE-2024-32569
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metaphor Creations Ditty allows Stored XSS.This issue affects Ditty: from n/a through 3.1.31.
Medium
CVE-2024-32565
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8.
High
CVE-2024-32562
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through…
Medium
CVE-2024-32561
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7.
Medium
CVE-2024-32560
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a throu…
Medium
CVE-2024-32556
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2.
Medium
CVE-2024-32554
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a…
Medium
CVE-2024-32598
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: fr…
Medium
CVE-2024-32597
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a…
Medium
CVE-2024-32596
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric-Oliver Mächler DSGVO Youtube allows Stored XSS.This issue affects DSGVO Youtube: from n/a th…
Medium
CVE-2024-32594
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AttesaWP Attesa Extra allows Stored XSS.This issue affects Attesa Extra: from n/a through 1.3.9.
Medium
CVE-2024-32593
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addon…
Medium
CVE-2024-32592
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VoidCoders, innovs Void Elementor WHMCS Elements For Elementor Page Builder allows Stored XSS.Thi…
Medium
CVE-2024-32591
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a…
Medium
CVE-2024-32590
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7.
Medium
CVE-2024-2729
The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XS…
2024-04-17
Medium
CVE-2024-32472
excalidraw is an open source virtual hand-drawn style whiteboard. A stored XSS vulnerability in Excalidraw's web embeddable component. This allows arbitrary JavaScript to be run in the context of the…
Medium
CVE-2024-32530
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase allows Stored XSS.This issue affects Simple Testimonials…
Medium
CVE-2024-32529
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Momoyoga Yoga Schedule Momoyoga allows Stored XSS.This issue affects Yoga Schedule Momoyoga: from…
Medium
CVE-2024-32527
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a…
Medium
CVE-2024-32526
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Flector Easy Textillate allows Stored XSS.This issue affects Easy Textillate: from n/a through 2.…
Medium
CVE-2024-32508
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: f…
Medium
CVE-2024-32457
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The CSSIgniter Team Elements Plus! allows Stored XSS.This issue affects Elements Plus!: from n/a…
Medium
CVE-2024-32456
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo Extra allows Stored XSS.This issue affects Envo Extra: from n/a through 1.8.11.
Medium
CVE-2024-32130
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paysta…
High
CVE-2024-32541
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10.
Medium
CVE-2024-32540
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a throu…
Medium
CVE-2024-32539
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: fr…
Medium
CVE-2024-32538
Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8.
Medium
CVE-2024-32536
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1…
Medium
CVE-2024-32534
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10…
High
CVE-2024-32550
Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1.
Medium
CVE-2024-32548
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hideki Tanaka What's New Generator allows Stored XSS.This issue affects What's New Generator: fro…
2024-04-16
High
CVE-2023-40000
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from…
Medium
CVE-2024-32557
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons…
2024-04-15
High
CVE-2024-30545
Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4.
Medium
CVE-2024-32453
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8.
Medium
CVE-2024-32429
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a…
Medium
CVE-2024-32428
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons…
Medium
CVE-2024-32147
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Cont…
Medium
CVE-2024-32079
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a th…
2024-04-13
Medium
CVE-2024-2583
The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for us…
2024-04-12
Medium
CVE-2022-40211
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP allows Stored XSS.This issue affects GiveWP: from n/a through 2.25.1.
High
CVE-2024-3092
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload may lead to a Stored XSS while using t…
High
CVE-2024-2279
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using…
2024-04-11
Medium
CVE-2024-32083
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Varun Kumar Easy Logo allows Stored XSS.This issue affects Easy Logo: from n/a through 1.9.3.
Medium
CVE-2024-31937
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visitor Analytics TWIPLA (Visitor Analytics IO) allows Stored XSS.This issue affects TWIPLA (Visi…
Medium
CVE-2024-31931
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Save as Image plugin by Pdfcrowd allows Stored XSS.This issue affects Save as Image plugin by Pdf…
Medium
CVE-2024-31930
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin b…
Medium
CVE-2024-31928
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Darko Top Bar allows Stored XSS.This issue affects Top Bar: from n/a through 3.0.5.
Medium
CVE-2024-31927
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Login and Logout Redirect allows Stored XSS.This issue affects WP Login and Logou…
Medium
CVE-2024-31926
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BracketSpace Advanced Cron Manager – debug & control allows Stored XSS.This issue affects Advance…
Medium
CVE-2024-31925
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Improvements allows Stored XSS.This issue affects F4 Improvements: from n/a throug…
Medium
CVE-2024-31387
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Popup LikeBox Team Popup Like box allows Stored XSS.This issue affects Popup Like box: from n/a t…
Medium
CVE-2024-31361
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.Net allows Stored XSS.This issue affects bunny.Net: from n/a through 2.0.1.
High
CVE-2024-31285
Cross-Site Request Forgery (CSRF) vulnerability in Tooltip WordPress Tooltips allows Stored XSS.This issue affects WordPress Tooltips: from n/a through 9.5.3.
Medium
CVE-2024-32080
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect:…
Medium
CVE-2024-27991
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SupportCandy allows Stored XSS.This issue affects SupportCandy: from n/a through 3.2.3.
Medium
CVE-2024-27990
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Moneytizer allows Stored XSS.This issue affects The Moneytizer: from n/a through 9.5.20.
Medium
CVE-2024-27989
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs allows Stored X…
Medium
CVE-2024-27988
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Responsive Columns allows Stored XSS.This issue affects WEN Responsive Columns: fr…
Medium
CVE-2024-27969
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Enhanced Free Downloads WooCommerce allows Stored XSS.This issue affects Free Downloads WooCom…
Medium
CVE-2024-27966
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master allows Stored XSS.This issue affects Quiz And Survey Master: f…