) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): xss
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-30446 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through 1.1.4. Published: March 29, 2024; 1:15:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30445 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10. Published: March 29, 2024; 1:15:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30444 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zionbuilder.Io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPress Page Builder – Zion Builder: from n/a through 3.6.9. Published: March 29, 2024; 1:15:12 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30506 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Stored XSS.This issue affects All In One Redirection: from n/a through 2.2.0. Published: March 29, 2024; 11:15:13 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30430 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44. Published: March 29, 2024; 10:15:10 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30429 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hans Matzen allows Stored XSS.This issue affects wp-forecast: from n/a through 9.2. Published: March 29, 2024; 10:15:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30428 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contest Gallery allows Reflected XSS.This issue affects Contest Gallery: from n/a through 21.3.5. Published: March 29, 2024; 10:15:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30427 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.7. Published: March 29, 2024; 10:15:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30426 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3. Published: March 29, 2024; 10:15:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30425 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.7.4.4. Published: March 29, 2024; 10:15:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30423 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.3.7. Published: March 29, 2024; 10:15:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2022-47153 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1. Published: March 29, 2024; 10:15:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30520 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Carousel Anything For WPBakery Page Builder allows Stored XSS.This issue affects Carousel Anything For WPBakery Page Builder: from n/a through 2.1. Published: March 29, 2024; 9:15:15 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30519 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lordicon Lordicon Animated Icons allows Stored XSS.This issue affects Lordicon Animated Icons: from n/a through 2.0.1. Published: March 29, 2024; 9:15:15 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30503 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress Mailster allows Reflected XSS.This issue affects Mailster: from n/a through 4.0.6. Published: March 29, 2024; 9:15:15 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-30483 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.1. Published: March 29, 2024; 9:15:14 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-6047 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before 3.9.2. Published: March 29, 2024; 8:15:07 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
| CVE-2024-28091 |
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managed_services_add.asp (the victim must click an X for a deletion). Published: March 28, 2024; 4:15:07 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-28090 |
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp. Published: March 28, 2024; 4:15:07 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-31138 |
In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings Published: March 28, 2024; 11:15:47 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |