Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5628 | 1 Remyandrade | 1 Food Menu Manager | 2025-06-06 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5508 | 1 Totolink | 2 A3002ru-v2, A3002ru Firmware | 2025-06-06 | N/A | 3.4 LOW |
| A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IP Port Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-30634 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IWEBIX WP Featured Content Slider allows Stored XSS. This issue affects WP Featured Content Slider: from n/a through 2.6. | |||||
| CVE-2025-49311 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoolHappy The Events Calendar Countdown Addon allows Stored XSS. This issue affects The Events Calendar Countdown Addon: from n/a through 1.4.9. | |||||
| CVE-2025-30630 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pozzad Global Translator allows Stored XSS. This issue affects Global Translator: from n/a through 2.0.2. | |||||
| CVE-2025-5239 | 2025-06-06 | N/A | 6.4 MEDIUM | ||
| The Domain For Sale plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class_name’ parameter in all versions up to, and including, 3.0.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2025-49333 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership allows Stored XSS. This issue affects Simple Membership: from n/a through 4.6.3. | |||||
| CVE-2025-29011 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer YouTube Simple Gallery allows Stored XSS. This issue affects YouTube Simple Gallery: from n/a through 2.2.0. | |||||
| CVE-2025-49067 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core allows Stored XSS.This issue affects Nasa Core: from n/a before 6.4.1. | |||||
| CVE-2023-26000 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay allows Stored XSS. This issue affects Bang tinh vay: from n/a through 1.0.1. | |||||
| CVE-2025-49304 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeManas Search with Typesense allows Stored XSS. This issue affects Search with Typesense: from n/a through 2.0.10. | |||||
| CVE-2025-49076 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Innovations The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.2.7. | |||||
| CVE-2025-30940 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in melipayamak Melipayamak allows Stored XSS. This issue affects Melipayamak: from n/a through 2.2.12. | |||||
| CVE-2025-49427 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Burnette Abbie Expander allows Stored XSS. This issue affects Abbie Expander: from n/a through 1.0.1. | |||||
| CVE-2025-30627 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in regolithsjk Elegant Visitor Counter allows Stored XSS. This issue affects Elegant Visitor Counter: from n/a through 3.1. | |||||
| CVE-2025-49310 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M A Vinoth Kumar Frontend Dashboard allows Stored XSS. This issue affects Frontend Dashboard: from n/a through 2.2.8. | |||||
| CVE-2025-49318 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPtouch WPtouch allows Stored XSS. This issue affects WPtouch: from n/a through 4.3.60. | |||||
| CVE-2025-30637 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro allows Stored XSS. This issue affects Booking Ultra Pro: from n/a through 1.1.20. | |||||
| CVE-2025-49074 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemesGrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.4. | |||||
| CVE-2025-49243 | 2025-06-06 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sevenspark ShiftNav – Responsive Mobile Menu allows Stored XSS. This issue affects ShiftNav – Responsive Mobile Menu: from n/a through 1.8. | |||||