Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): xss
- Search Type: Search Last 3 Months
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-20405 |
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. Published: June 05, 2024; 1:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-34759 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VideoWhisper Picture Gallery allows Stored XSS.This issue affects Picture Gallery: from n/a through 1.5.11. Published: June 04, 2024; 3:20:03 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35653 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.8.0. Published: June 04, 2024; 11:15:46 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35652 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Reflected XSS.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.1. Published: June 04, 2024; 11:15:46 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-35651 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2. Published: June 04, 2024; 11:15:46 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35649 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.3. Published: June 04, 2024; 11:15:46 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35782 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.1.1. Published: June 04, 2024; 10:15:14 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35668 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.77. Published: June 04, 2024; 10:15:13 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-35666 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.1.2. Published: June 04, 2024; 10:15:13 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-35664 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPvivid Team WPvivid Backup for MainWP allows Reflected XSS.This issue affects WPvivid Backup for MainWP: from n/a through 0.9.32. Published: June 04, 2024; 10:15:13 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-35655 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9. Published: June 04, 2024; 10:15:13 AM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2024-35654 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive allows Stored XSS.This issue affects Responsive: from n/a through 5.0.3. Published: June 04, 2024; 10:15:12 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-49852 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4. Published: June 04, 2024; 8:15:10 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-48285 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Tips and Tricks HQ Stripe Payments allows Code Injection.This issue affects Stripe Payments: from n/a through 2.0.79. Published: June 04, 2024; 7:15:48 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-47663 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5. Published: June 04, 2024; 6:15:11 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-47513 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2. Published: June 04, 2024; 6:15:11 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-46310 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10. Published: June 04, 2024; 6:15:10 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-45635 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6. Published: June 04, 2024; 6:15:10 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-45053 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in pluginever WP Content Pilot – Autoblogging & Affiliate Marketing Plugin allows Code Injection.This issue affects WP Content Pilot – Autoblogging & Affiliate Marketing Plugin: from n/a through 1.3.3. Published: June 04, 2024; 6:15:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2023-40557 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in PickPlugins Tabs & Accordion allows Code Injection.This issue affects Tabs & Accordion: from n/a through 1.3.10. Published: June 04, 2024; 4:15:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |