Total
39597 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-59549 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps GetResponse Forms allows Stored XSS. This issue affects GetResponse Forms: from n/a through 2.6.0. | |||||
| CVE-2025-58992 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode Product Catalog Simple allows Stored XSS. This issue affects Product Catalog Simple: from n/a through 1.8.2. | |||||
| CVE-2025-59565 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Upsell Order Bump Offer for WooCommerce allows Stored XSS. This issue affects Upsell Order Bump Offer for WooCommerce: from n/a through 3.0.7. | |||||
| CVE-2025-58233 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Guaven Labs SQL Chart Builder allows DOM-Based XSS. This issue affects SQL Chart Builder: from n/a through 2.3.7.2. | |||||
| CVE-2025-58245 | 2025-09-22 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bestweblayout Portfolio allows DOM-Based XSS. This issue affects Portfolio : from n/a through 2.58. | |||||
| CVE-2025-58683 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luke Mlsna Last Updated Shortcode allows Stored XSS. This issue affects Last Updated Shortcode: from n/a through 1.0.1. | |||||
| CVE-2025-57993 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Pick Geolocation IP Detection allows Stored XSS. This issue affects Geolocation IP Detection: from n/a through 5.5.0. | |||||
| CVE-2025-57998 | 2025-09-22 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hamid Reza Yazdani E-namad & Shamed Logo Manager allows Stored XSS. This issue affects E-namad & Shamed Logo Manager: from n/a through 2.2. | |||||
| CVE-2025-58265 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stonehenge Creations Events Manager – OpenStreetMaps allows Stored XSS. This issue affects Events Manager – OpenStreetMaps: from n/a through 4.2.1. | |||||
| CVE-2025-58264 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artbees JupiterX Core allows Stored XSS. This issue affects JupiterX Core: from n/a through 4.10.1. | |||||
| CVE-2025-58684 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase allows Stored XSS. This issue affects Logo Showcase: from n/a through 3.0.9. | |||||
| CVE-2025-58661 | 2025-09-22 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eZee Technosys eZee Online Hotel Booking Engine allows Stored XSS. This issue affects eZee Online Hotel Booking Engine: from n/a through 1.0.0. | |||||
| CVE-2025-58237 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Niaj Morshed LC Wizard allows Stored XSS. This issue affects LC Wizard: from n/a through 1.3.0. | |||||
| CVE-2025-58002 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD bbPress Tools allows DOM-Based XSS. This issue affects GD bbPress Tools: from n/a through 3.5.3. | |||||
| CVE-2025-59553 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coderz Studio Custom iFrame for Elementor allows DOM-Based XSS. This issue affects Custom iFrame for Elementor: from n/a through 1.0.13. | |||||
| CVE-2025-58254 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dtbaker StylePress for Elementor allows Stored XSS. This issue affects StylePress for Elementor: from n/a through 1.2.1. | |||||
| CVE-2025-58239 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandrika Sista WP Category Dropdown allows Stored XSS. This issue affects WP Category Dropdown: from n/a through 1.9. | |||||
| CVE-2025-59587 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Shortcodes & Performance allows DOM-Based XSS. This issue affects Penci Shortcodes & Performance: from n/a through n/a. | |||||
| CVE-2025-59589 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad allows DOM-Based XSS. This issue affects Soledad: from n/a through 8.6.8. | |||||
| CVE-2025-58256 | 2025-09-22 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Brinley DOAJ Export allows Stored XSS. This issue affects DOAJ Export: from n/a through 1.0.4. | |||||