Total
37699 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30771 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alain-Aymerick FRANCOIS WP Cassify allows DOM-Based XSS. This issue affects WP Cassify: from n/a through 2.3.5. | |||||
| CVE-2025-23666 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Management-screen-droptiles allows Reflected XSS. This issue affects Management-screen-droptiles: from n/a through 1.0. | |||||
| CVE-2025-26929 | 2025-03-27 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NOUS Ouvert Utile et Simple Accounting for WooCommerce allows Stored XSS.This issue affects Accounting for WooCommerce: from n/a through 1.6.8. | |||||
| CVE-2025-30780 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cubecolour Audio Album allows Stored XSS. This issue affects Audio Album: from n/a through 1.5.0. | |||||
| CVE-2025-27406 | 2025-03-27 | N/A | 7.6 HIGH | ||
| Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings. | |||||
| CVE-2025-28877 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Key4ce osTicket Bridge allows Reflected XSS. This issue affects Key4ce osTicket Bridge: from n/a through 1.4.0. | |||||
| CVE-2025-23638 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Frontend Post Submission allows Reflected XSS. This issue affects Frontend Post Submission: from n/a through 1.0. | |||||
| CVE-2025-28928 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Are you robot google recaptcha for wordpress allows Reflected XSS. This issue affects Are you robot google recaptcha for wordpress: from n/a through 2.2. | |||||
| CVE-2025-28899 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Event Ticketing allows Reflected XSS. This issue affects WP Event Ticketing: from n/a through 1.3.4. | |||||
| CVE-2025-23964 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Plus allows Reflected XSS. This issue affects Google Plus: from n/a through 1.0.2. | |||||
| CVE-2025-28885 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Fiverr.com Official Search Box allows Stored XSS. This issue affects Fiverr.com Official Search Box: from n/a through 1.0.8. | |||||
| CVE-2025-26576 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in takumin WP Simple Slideshow allows Reflected XSS. This issue affects WP Simple Slideshow: from n/a through 1.0. | |||||
| CVE-2025-26573 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Rizzi Guestbook allows Reflected XSS. This issue affects Rizzi Guestbook: from n/a through 4.0.1. | |||||
| CVE-2025-26537 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound GDPR Tools allows Stored XSS. This issue affects GDPR Tools: from n/a through 1.0.2. | |||||
| CVE-2025-28869 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound NextGEN Gallery Voting allows Reflected XSS. This issue affects NextGEN Gallery Voting: from n/a through 2.7.6. | |||||
| CVE-2025-22283 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyaz GetSocial allows Reflected XSS. This issue affects GetSocial: from n/a through 2.0.1. | |||||
| CVE-2025-28921 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound SpatialMatch IDX allows Reflected XSS. This issue affects SpatialMatch IDX: from n/a through 3.0.9. | |||||
| CVE-2025-23632 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhizome Networks CG Button allows Reflected XSS. This issue affects CG Button: from n/a through 1.0.5.6. | |||||
| CVE-2025-23543 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FOMO Pay Chinese Payment Solution allows Reflected XSS. This issue affects FOMO Pay Chinese Payment Solution: from n/a through 2.0.4. | |||||
| CVE-2025-26564 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kagla GNUCommerce allows Reflected XSS. This issue affects GNUCommerce: from n/a through 1.5.4. | |||||