Total
34410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23668 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ChatGPT Open AI Images & Content for WooCommerce allows Reflected XSS. This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through 2.2.0. | ||||
| CVE-2025-27269 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound .htaccess Login block allows Reflected XSS. This issue affects .htaccess Login block: from n/a through 0.9a. | ||||
| CVE-2025-27271 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DB Tables Import/Export allows Reflected XSS. This issue affects DB Tables Import/Export: from n/a through 1.0.1. | ||||
| CVE-2025-27273 | 2025-03-03 | 5.8 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in winking Affiliate Links Manager allows Reflected XSS. This issue affects Affiliate Links Manager: from n/a through 1.0. | ||||
| CVE-2025-25170 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Migrate Posts allows Reflected XSS. This issue affects Migrate Posts: from n/a through 1.0. | ||||
| CVE-2025-25133 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Frontend Submit allows Cross-Site Scripting (XSS). This issue affects WP Frontend Submit: from n/a through 1.1.0. | ||||
| CVE-2025-26557 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ViperBar allows Reflected XSS. This issue affects ViperBar: from n/a through 2.0. | ||||
| CVE-2025-26589 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound IE CSS3 Support allows Reflected XSS. This issue affects IE CSS3 Support: from n/a through 2.0.1. | ||||
| CVE-2025-23956 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Easy Post Mailer allows Reflected XSS. This issue affects WP Easy Post Mailer: from n/a through 0.64. | ||||
| CVE-2025-25137 | 2025-03-03 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Social Links allows Stored XSS. This issue affects Social Links: from n/a through 1.0.11. | ||||
| CVE-2025-25142 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Less Compiler allows Stored XSS. This issue affects WP Less Compiler: from n/a through 1.3.0. | ||||
| CVE-2025-24428 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2025-03-03 | 5.4 Medium |
| Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
| CVE-2025-25157 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Church Center allows Reflected XSS. This issue affects WP Church Center: from n/a through 1.3.3. | ||||
| CVE-2025-25158 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Uncomplicated SEO allows Reflected XSS. This issue affects Uncomplicated SEO: from n/a through 1.2. | ||||
| CVE-2025-26588 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound TTT Crop allows Reflected XSS. This issue affects TTT Crop: from n/a through 1.0. | ||||
| CVE-2025-27275 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andrew_fisher WOO Codice Fiscale allows Reflected XSS. This issue affects WOO Codice Fiscale: from n/a through 1.6.3. | ||||
| CVE-2025-26587 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound sidebarTabs allows Reflected XSS. This issue affects sidebarTabs: from n/a through 3.1. | ||||
| CVE-2025-27278 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AcuGIS Leaflet Maps allows Reflected XSS. This issue affects AcuGIS Leaflet Maps: from n/a through 5.1.1.0. | ||||
| CVE-2024-10234 | 1 Redhat | 7 Build Keycloak, Build Of Keycloak, Jboss Data Grid and 4 more | 2025-03-03 | 6.1 Medium |
| A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server. | ||||
| CVE-2025-25132 | 2025-03-03 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ravi Singh Visitor Details allows Stored XSS. This issue affects Visitor Details: from n/a through 1.0.1. | ||||