U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): xss
There are 7,917 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2024-37422

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Emilia Projects Progress Planner allows Stored XSS.This issue affects Progress Planner: from n/a through 0.9.2.

Published: July 22, 2024; 5:15:09 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37416

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Reflected XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.00.002.

Published: July 22, 2024; 5:15:09 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37414

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2.

Published: July 22, 2024; 5:15:08 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37409

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Stored XSS.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.4.

Published: July 22, 2024; 5:15:08 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37275

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NextScripts allows Reflected XSS.This issue affects NextScripts: from n/a through 4.4.6.

Published: July 22, 2024; 5:15:08 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37271

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS.This issue affects Print My Blog: from n/a through 3.27.0.

Published: July 22, 2024; 5:15:07 AM -0400 		V4.0:(not available)
 V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2024-37267

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in kaptinlin Striking allows Reflected XSS.This issue affects Striking: from n/a through 2.3.4.

Published: July 22, 2024; 5:15:07 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37265

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.60.

Published: July 22, 2024; 5:15:07 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37264

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Groundhogg Inc. Groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through 3.4.2.3.

Published: July 22, 2024; 5:15:07 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37263

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6.

Published: July 22, 2024; 5:15:06 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37262

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2.

Published: July 22, 2024; 5:15:06 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37261

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon allows Reflected XSS.This issue affects WP-Lister Lite for Amazon: from n/a through 2.6.16.

Published: July 22, 2024; 5:15:06 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37259

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through 2.4.7.

Published: July 22, 2024; 5:15:06 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37258

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Social Rocket allows Reflected XSS.This issue affects Social Rocket: from n/a through 1.3.3.

Published: July 22, 2024; 5:15:05 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37257

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite allows Reflected XSS.This issue affects Permalink Manager Lite: from n/a through 2.4.3.3.

Published: July 22, 2024; 5:15:05 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37246

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jethin Gallery Slideshow allows Stored XSS.This issue affects Gallery Slideshow: from n/a through 1.4.1.

Published: July 22, 2024; 5:15:05 AM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37245

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Reflected XSS.This issue affects All In One Redirection: from n/a through 2.2.0.

Published: July 22, 2024; 5:15:05 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2024-37457

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks – Gutenberg Blocks Plugin allows Stored XSS.This issue affects Ultimate Blocks – Gutenberg Blocks Plugin: from n/a through 3.1.9.

Published: July 21, 2024; 7:15:02 PM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2024-37447

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager allows Stored XSS.This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager: from n/a through 9.6.1.1.

Published: July 21, 2024; 7:15:02 PM -0400 		V4.0:(not available)
 V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2024-37446

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.This issue affects Chained Quiz: from n/a through 1.3.2.8.

Published: July 21, 2024; 7:15:02 PM -0400 		V4.0:(not available)
 V3.1: 4.8 MEDIUM
V2.0:(not available)