Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-28885 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Fiverr.com Official Search Box allows Stored XSS. This issue affects Fiverr.com Official Search Box: from n/a through 1.0.8. | |||||
| CVE-2025-26542 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Zalo Live Chat allows Reflected XSS. This issue affects Zalo Live Chat: from n/a through 1.1.0. | |||||
| CVE-2025-27267 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in srcoley Random Quotes allows Reflected XSS. This issue affects Random Quotes: from n/a through 1.3. | |||||
| CVE-2025-26869 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Build allows Stored XSS.This issue affects Build: from n/a through 1.0.3. | |||||
| CVE-2025-28882 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omnify, Inc. Omnify allows Reflected XSS. This issue affects Omnify: from n/a through 2.0.3. | |||||
| CVE-2025-28928 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Are you robot google recaptcha for wordpress allows Reflected XSS. This issue affects Are you robot google recaptcha for wordpress: from n/a through 2.2. | |||||
| CVE-2025-26576 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in takumin WP Simple Slideshow allows Reflected XSS. This issue affects WP Simple Slideshow: from n/a through 1.0. | |||||
| CVE-2025-28865 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lionelroux WP Colorful Tag Cloud allows Reflected XSS. This issue affects WP Colorful Tag Cloud: from n/a through 2.0.1. | |||||
| CVE-2025-26537 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound GDPR Tools allows Stored XSS. This issue affects GDPR Tools: from n/a through 1.0.2. | |||||
| CVE-2025-23632 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhizome Networks CG Button allows Reflected XSS. This issue affects CG Button: from n/a through 1.0.5.6. | |||||
| CVE-2025-22283 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyaz GetSocial allows Reflected XSS. This issue affects GetSocial: from n/a through 2.0.1. | |||||
| CVE-2021-37374 | 1 Teradek | 2 Clip, Clip Firmware | 2025-03-26 | N/A | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Teradek Clip all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue. | |||||
| CVE-2025-23612 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pixobe Cartography allows Reflected XSS. This issue affects Pixobe Cartography: from n/a through 1.0.1. | |||||
| CVE-2025-23638 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Frontend Post Submission allows Reflected XSS. This issue affects Frontend Post Submission: from n/a through 1.0. | |||||
| CVE-2025-23466 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsiteeditor Site Editor Google Map allows Reflected XSS. This issue affects Site Editor Google Map: from n/a through 1.0.1. | |||||
| CVE-2025-23546 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RDP inGroups+ allows Reflected XSS. This issue affects RDP inGroups+: from n/a through 1.0.6. | |||||
| CVE-2025-23460 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RWS Enquiry And Lead Follow-up allows Reflected XSS. This issue affects RWS Enquiry And Lead Follow-up: from n/a through 1.0. | |||||
| CVE-2025-23633 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Database Audit allows Reflected XSS. This issue affects WP Database Audit: from n/a through 1.0. | |||||
| CVE-2025-23543 | 2025-03-26 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FOMO Pay Chinese Payment Solution allows Reflected XSS. This issue affects FOMO Pay Chinese Payment Solution: from n/a through 2.0.4. | |||||
| CVE-2024-4149 | 1 Premio | 1 Floating Chat Widget | 2025-03-26 | N/A | 4.8 MEDIUM |
| The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | |||||