U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 7,218 matching records.
Displaying matches 521 through 540.
Vuln ID Summary CVSS Severity
CVE-2024-22159

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.

Published: January 31, 2024; 2:15:09 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22158

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0.

Published: January 31, 2024; 2:15:09 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22153

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.

Published: January 31, 2024; 2:15:09 PM -0500
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2024-22150

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1.

Published: January 31, 2024; 2:15:09 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22146

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.

Published: January 31, 2024; 2:15:08 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22297

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11.

Published: January 31, 2024; 1:15:49 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22295

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery allows Stored XSS.This issue affects Photo Gallery, Images, Slider in Rbs Image Gallery: from n/a through 3.2.17.

Published: January 31, 2024; 1:15:49 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22293

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5.

Published: January 31, 2024; 1:15:49 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22292

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.2.8.

Published: January 31, 2024; 1:15:49 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22289

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS.This issue affects Post views Stats: from n/a through 1.3.

Published: January 31, 2024; 1:15:48 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22286

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3.

Published: January 31, 2024; 1:15:48 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22282

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Torbert SimpleMap Store Locator allows Reflected XSS.This issue affects SimpleMap Store Locator: from n/a through 2.6.1.

Published: January 31, 2024; 1:15:48 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22163

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from n/a through 18.5.7.

Published: January 31, 2024; 1:15:48 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22162

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through 1.0.1.

Published: January 31, 2024; 1:15:47 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22161

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11.

Published: January 31, 2024; 1:15:47 PM -0500
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2024-22160

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS.This issue affects Image Tag Manager: from n/a through 1.5.

Published: January 31, 2024; 1:15:47 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-50166

Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.

Published: January 31, 2024; 1:15:46 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22310

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7.

Published: January 31, 2024; 12:15:38 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-22307

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Reflected XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.7.

Published: January 31, 2024; 12:15:36 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-22306

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS.This issue affects Mang Board WP: from n/a through 1.7.7.

Published: January 31, 2024; 12:15:35 PM -0500
V3.1: 4.8 MEDIUM
V2.0:(not available)