U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 11,605 matching records.
Displaying matches 441 through 460.
Vuln ID Summary CVSS Severity
CVE-2025-39442

Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews allows Stored XSS. This issue affects Review Wave – Google Places Reviews: from n/a through 1.4.7.

Published: April 17, 2025; 12:15:54 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39441

Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1.

Published: April 17, 2025; 12:15:54 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39440

Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover allows Stored XSS. This issue affects Broken Links Remover: from n/a through 1.2.2.

Published: April 17, 2025; 12:15:54 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39435

Cross-Site Request Forgery (CSRF) vulnerability in davidfcarr My Marginalia allows Stored XSS. This issue affects My Marginalia: from n/a through 1.0.6.

Published: April 17, 2025; 12:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39433

Cross-Site Request Forgery (CSRF) vulnerability in beke_ro Bknewsticker allows Stored XSS. This issue affects Bknewsticker: from n/a through 1.0.5.

Published: April 17, 2025; 12:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39432

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antonchanning bbPress2 shortcode whitelist allows Stored XSS. This issue affects bbPress2 shortcode whitelist: from n/a through 2.2.1.

Published: April 17, 2025; 12:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39431

Cross-Site Request Forgery (CSRF) vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin allows Stored XSS. This issue affects Amazon Showcase WordPress Plugin: from n/a through 2.2.

Published: April 17, 2025; 12:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39430

Cross-Site Request Forgery (CSRF) vulnerability in Alexander Rauscha mLanguage allows Stored XSS. This issue affects mLanguage: from n/a through 1.6.1.

Published: April 17, 2025; 12:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39428

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders allows Stored XSS. This issue affects Gravity Forms CSS Themes with Fontawesome and Placeholders: from n/a through 8.5.

Published: April 17, 2025; 12:15:52 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39427

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beth Tucker Long WP Post to PDF Enhanced allows Stored XSS. This issue affects WP Post to PDF Enhanced: from n/a through 1.1.1.

Published: April 17, 2025; 12:15:52 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39424

Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps allows Stored XSS. This issue affects Simple Maps: from n/a through 0.98.

Published: April 17, 2025; 12:15:52 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39423

Cross-Site Request Forgery (CSRF) vulnerability in Jenst Add to Header allows Stored XSS. This issue affects Add to Header: from n/a through 1.0.

Published: April 17, 2025; 12:15:52 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39422

Cross-Site Request Forgery (CSRF) vulnerability in PResponsive WP Social Bookmarking allows Stored XSS. This issue affects WP Social Bookmarking: from n/a through 3.6.

Published: April 17, 2025; 12:15:52 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39421

Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons allows Stored XSS. This issue affects WP Sticky Side Buttons: from n/a through 2.1.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39420

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button allows Stored XSS. This issue affects WP Twitter Button: from n/a through 1.4.1.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39419

Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet allows Stored XSS. This issue affects Revision Diet: from n/a through 1.0.1.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39418

Cross-Site Request Forgery (CSRF) vulnerability in ajayver RSS Manager allows Stored XSS. This issue affects RSS Manager: from n/a through 0.06.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39417

Cross-Site Request Forgery (CSRF) vulnerability in Eslam Mahmoud Redirect wordpress to welcome or landing page allows Stored XSS. This issue affects Redirect wordpress to welcome or landing page: from n/a through 2.0.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39416

Cross-Site Request Forgery (CSRF) vulnerability in Ichi translit it! allows Stored XSS. This issue affects translit it!: from n/a through 1.6.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-39415

Cross-Site Request Forgery (CSRF) vulnerability in Jayesh Parejiya Social Media Links allows Stored XSS. This issue affects Social Media Links: from n/a through 1.0.3.

Published: April 17, 2025; 12:15:51 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)