Total
29272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30449 | 2024-04-01 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Activities Team Booking Activities allows Reflected XSS.This issue affects Booking Activities: from n/a through 1.15.19. | |||||
| CVE-2024-30437 | 2024-04-01 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through 2.6.3. | |||||
| CVE-2024-31085 | 2024-04-01 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Marsh, SJ Post-Plugin Library allows Reflected XSS.This issue affects Post-Plugin Library: from n/a through 2.6.2.1. | |||||
| CVE-2024-30559 | 2024-04-01 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7. | |||||
| CVE-2022-47153 | 2024-04-01 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1. | |||||
| CVE-2024-30443 | 2024-04-01 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Testimonial Slider allows Stored XSS.This issue affects GS Testimonial Slider: from n/a through 3.1.4. | |||||
| CVE-2024-31102 | 2024-04-01 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scimone Ignazio Prenotazioni allows Stored XSS.This issue affects Prenotazioni: from n/a through 1.7.4. | |||||
| CVE-2024-31092 | 2024-04-01 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Philip M. Hofer (Frumph) Comic Easel allows Reflected XSS.This issue affects Comic Easel: from n/a through 1.15. | |||||
| CVE-2024-30556 | 2024-04-01 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9. | |||||
| CVE-2024-31117 | 2024-04-01 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: from n/a through 1.0.36. | |||||
| CVE-2023-6047 | 2024-03-29 | N/A | 6.1 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before 3.9.2. | |||||
| CVE-2024-30503 | 2024-03-29 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress Mailster allows Reflected XSS.This issue affects Mailster: from n/a through 4.0.6. | |||||
| CVE-2024-30483 | 2024-03-29 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.1. | |||||
| CVE-2024-30519 | 2024-03-29 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lordicon Lordicon Animated Icons allows Stored XSS.This issue affects Lordicon Animated Icons: from n/a through 2.0.1. | |||||
| CVE-2024-30520 | 2024-03-29 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Carousel Anything For WPBakery Page Builder allows Stored XSS.This issue affects Carousel Anything For WPBakery Page Builder: from n/a through 2.1. | |||||
| CVE-2024-29882 | 2024-03-28 | N/A | 7.2 HIGH | ||
| SRS is a simple, high-efficiency, real-time video server. SRS's `/api/v1/vhosts/vid-<id>?callback=<payload>` endpoint didn't filter the callback function name which led to injecting malicious javascript payloads and executing XSS ( Cross-Site Scripting). This vulnerability is fixed in 5.0.210 and 6.0.121. | |||||
| CVE-2024-28001 | 2024-03-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Archetyped Favicon Rotator allows Reflected XSS.This issue affects Favicon Rotator: from n/a through 1.2.10. | |||||
| CVE-2023-6371 | 2024-03-28 | N/A | 8.7 HIGH | ||
| An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing attackers to perform arbitrary actions on behalf of victims. | |||||
| CVE-2024-30422 | 2024-03-28 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.1. | |||||
| CVE-2024-27999 | 2024-03-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digamber Pradhan Preview E-mails for WooCommerce allows Reflected XSS.This issue affects Preview E-mails for WooCommerce: from n/a through 2.2.1. | |||||