U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 7,220 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2024-29795

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Interfacelab Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more allows Stored XSS.This issue affects Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more: from n/a through 4.5.24.

Published: March 27, 2024; 9:15:51 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29794

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Conversios Conversios.Io allows Reflected XSS.This issue affects Conversios.Io: from n/a through 6.9.1.

Published: March 27, 2024; 9:15:50 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29793

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2.

Published: March 27, 2024; 9:15:50 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29792

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.93.

Published: March 27, 2024; 9:15:50 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29791

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01.

Published: March 27, 2024; 9:15:50 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29790

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.16.

Published: March 27, 2024; 9:15:50 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29789

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Walter Pinem OneClick Chat to Order allows Stored XSS.This issue affects OneClick Chat to Order: from n/a through 1.0.5.

Published: March 27, 2024; 9:15:49 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29788

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1.

Published: March 27, 2024; 9:15:49 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29777

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Forminator allows Reflected XSS.This issue affects Forminator: from n/a through 1.29.0.

Published: March 27, 2024; 9:15:49 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29775

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vinoth06. Frontend Dashboard allows Stored XSS.This issue affects Frontend Dashboard: from n/a through 2.2.1.

Published: March 27, 2024; 9:15:49 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29774

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpDirectoryKit WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.2.9.

Published: March 27, 2024; 9:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29772

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stormhill Media MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through 3.3.7.

Published: March 27, 2024; 9:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29771

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress allows Stored XSS.This issue affects Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress: from n/a through 1.0.8.

Published: March 27, 2024; 9:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29770

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pretty Links Shortlinks by Pretty Links allows Reflected XSS.This issue affects Shortlinks by Pretty Links: from n/a through 3.6.2.

Published: March 27, 2024; 9:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29769

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6.

Published: March 27, 2024; 9:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29768

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29767

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wobbie.Nl Doneren met Mollie allows Reflected XSS.This issue affects Doneren met Mollie: from n/a through 2.10.2.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29766

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-27091

GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to retrieve a victims CSRF token and issue a request to change another user's email address to perform a full account takeover. Due to the script element not impacting the CORS policy, requests will succeed. This vulnerability is fixed in 4.2.3.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30186

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Prime Slider – Addons For Elementor allows Stored XSS.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.1.

Published: March 27, 2024; 8:15:14 AM -0400
V3.x:(not available)
V2.0:(not available)