) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): xss
- Search Type: Search All
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2025-32609 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Picture-Planet GmbH Verowa Connect allows Reflected XSS. This issue affects Verowa Connect: from n/a through 3.0.4. Published: April 17, 2025; 12:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32608 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Movylo Movylo Marketing Automation allows Reflected XSS. This issue affects Movylo Marketing Automation: from n/a through 2.0.7. Published: April 17, 2025; 12:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32606 |
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Buildium allows Stored XSS. This issue affects Listings for Buildium: from n/a through 0.1.4. Published: April 17, 2025; 12:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32605 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in expresstechsoftware MemberPress Discord Addon allows Reflected XSS. This issue affects MemberPress Discord Addon: from n/a through 1.1.1. Published: April 17, 2025; 12:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32604 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sajjad Aslani AWSA Shipping allows Reflected XSS. This issue affects AWSA Shipping: from n/a through 1.3.0. Published: April 17, 2025; 12:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32602 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aiiddqd WooMS allows Reflected XSS. This issue affects WooMS: from n/a through 9.12. Published: April 17, 2025; 12:15:45 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32592 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Stored XSS. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.3. Published: April 17, 2025; 12:15:45 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32590 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tzin111 Web2application allows Reflected XSS. This issue affects Web2application: from n/a through 5.6. Published: April 17, 2025; 12:15:45 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32588 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Credova Financial Credova_Financial allows Reflected XSS. This issue affects Credova_Financial: from n/a through 2.4.8. Published: April 17, 2025; 12:15:45 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32582 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EXEIdeas International WP AutoKeyword allows Stored XSS. This issue affects WP AutoKeyword: from n/a through 1.0. Published: April 17, 2025; 12:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32578 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapro Collins Coming Soon Countdown allows Reflected XSS. This issue affects Coming Soon Countdown: from n/a through 2.2. Published: April 17, 2025; 12:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32566 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashraful Sarkar Naiem License For Envato allows Reflected XSS. This issue affects License For Envato: from n/a through 1.0.0. Published: April 17, 2025; 12:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32564 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tomroyal Stop Registration Spam allows Reflected XSS. This issue affects Stop Registration Spam: from n/a through 1.24. Published: April 17, 2025; 12:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32562 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com WP Easy Poll allows Reflected XSS. This issue affects WP Easy Poll: from n/a through 2.2.9. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32561 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plugins.club WP_DEBUG Toggle allows Reflected XSS. This issue affects WP_DEBUG Toggle: from n/a through 1.1. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32560 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohammad I. Okfie WP-Hijri allows Reflected XSS. This issue affects WP-Hijri: from n/a through 1.5.3. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32557 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rico Macchi WP Featured Screenshot allows Reflected XSS. This issue affects WP Featured Screenshot: from n/a through 1.3. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32554 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raptive Raptive Ads allows Reflected XSS. This issue affects Raptive Ads: from n/a through 3.7.3. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32552 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory MSRP (RRP) Pricing for WooCommerce allows Reflected XSS. This issue affects MSRP (RRP) Pricing for WooCommerce: from n/a through 1.8.1. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-32548 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0. Published: April 17, 2025; 12:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |