U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 8,105 matching records.
Displaying matches 701 through 720.
Vuln ID Summary CVSS Severity
CVE-2024-34460

The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. (This component was removed in 9.5.60602.)

Published: May 04, 2024; 1:15:06 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-34449

Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true.

Published: May 03, 2024; 12:15:11 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33927

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team GIPHY Giphypress allows Stored XSS.This issue affects Giphypress: from n/a through 1.6.2.

Published: May 03, 2024; 4:15:08 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33926

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0.

Published: May 03, 2024; 4:15:08 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33924

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Organic IDX plugin allows Reflected XSS.This issue affects Realtyna Organic IDX plugin: from n/a through 4.14.4.

Published: May 03, 2024; 4:15:08 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33918

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23.

Published: May 03, 2024; 4:15:08 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33916

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MachoThemes CPO Companion allows Stored XSS.This issue affects CPO Companion: from n/a through 1.1.0.

Published: May 03, 2024; 4:15:07 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-32831

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lorna Timbah (webgrrrl) Accessibility Widget allows Stored XSS.This issue affects Accessibility Widget: from n/a through 2.2.

Published: May 03, 2024; 4:15:07 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33947

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.3.2.0.

Published: May 03, 2024; 3:15:40 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33946

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPify s.R.O. WPify Woo Czech allows Reflected XSS.This issue affects WPify Woo Czech: from n/a through 4.0.10.

Published: May 03, 2024; 3:15:40 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33945

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through 1.8.

Published: May 03, 2024; 3:15:40 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33943

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyKite Ultimate Under Construction allows Stored XSS.This issue affects Ultimate Under Construction: from n/a through 1.9.3.

Published: May 03, 2024; 3:15:39 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33940

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashan Jay EventON allows Stored XSS.This issue affects EventON: from n/a through 2.2.14.

Published: May 03, 2024; 3:15:39 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33936

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Print-O-Matic allows Stored XSS.This issue affects Print-O-Matic: from n/a through 2.1.10.

Published: May 03, 2024; 3:15:39 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33935

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pascal Bajorat PB MailCrypt allows Stored XSS.This issue affects PB MailCrypt: from n/a through 3.1.0.

Published: May 03, 2024; 3:15:39 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33934

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Mini Loops allows Stored XSS.This issue affects Mini Loops: from n/a through 1.4.1.

Published: May 03, 2024; 3:15:39 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33932

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vinod Dalvi Login Logout Register Menu allows Stored XSS.This issue affects Login Logout Register Menu: from n/a through 2.0.

Published: May 03, 2024; 3:15:38 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-33928

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon allows Reflected XSS.This issue affects CodeBard's Patron Button and Widgets for Patreon: from n/a through 2.2.0.

Published: May 03, 2024; 3:15:38 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-34401

Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter.

Published: May 02, 2024; 9:15:48 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2024-4216

pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end.

Published: May 02, 2024; 2:15:07 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)