Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 41609 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-51811 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hussam Hussien Popup Image allows Stored XSS.This issue affects Popup Image: from n/a through 1.0.1.
CVE-2024-11198 2024-11-19 N/A 6.4 MEDIUM
The GD Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘extra_class’ parameter in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2024-52345 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Roberto Alicata ra_qrcode allows Stored XSS.This issue affects ra_qrcode: from n/a through 2.1.0.
CVE-2024-51892 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Sell Media File with Stripe allows Stored XSS.This issue affects Sell Media File with Stripe: from n/a through 1.0.6.
CVE-2024-51839 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meini Utech Spinning Earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through 1.2.
CVE-2024-51858 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Umar Social Locker allows Stored XSS.This issue affects Social Locker: from n/a through 1.1.
CVE-2024-51908 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gonzalo Geraldo Adventure Bucket List allows DOM-Based XSS.This issue affects Adventure Bucket List: from n/a through 1.0.9.
CVE-2024-51847 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in giovanebribeiro WP PagSeguro Payments allows Stored XSS.This issue affects WP PagSeguro Payments: from n/a through 1.0.
CVE-2024-51841 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode File Select Control For Elementor allows DOM-Based XSS.This issue affects File Select Control For Elementor: from n/a through 1.3.
CVE-2024-51901 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wojciech Borowicz Smooth Maps allows Stored XSS.This issue affects Smooth Maps: from n/a through 1.1.
CVE-2024-51838 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jon Smajda Pull This allows DOM-Based XSS.This issue affects Pull This: from n/a through 1.1.
CVE-2024-51905 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ravi & Suma RSV PDF Preview allows Stored XSS.This issue affects RSV PDF Preview: from n/a through 1.0.
CVE-2024-51933 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christian Ladewig Cookie Nonsense for YT allows DOM-Based XSS.This issue affects Cookie Nonsense for YT: from n/a through 1.2.0.
CVE-2024-51835 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajinkya N OpenCart Product Display allows Stored XSS.This issue affects OpenCart Product Display: from n/a through 1.0.
CVE-2024-51878 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joey Straile AchillesTheme-shortcodes allows DOM-Based XSS.This issue affects AchillesTheme-shortcodes: from n/a through 0.1.
CVE-2024-51897 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erik Saulnier News Articles allows Stored XSS.This issue affects News Articles: from n/a through 1.0.0.
CVE-2024-51853 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alberuni Azad Faltu Testimonial Rotator allows DOM-Based XSS.This issue affects Faltu Testimonial Rotator: from n/a through 1.0.0.
CVE-2024-51880 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BeBetter Hotels BeBetter Social Icons allows DOM-Based XSS.This issue affects BeBetter Social Icons: from n/a through 2.7.
CVE-2024-51859 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Enquiries allows Stored XSS.This issue affects Bamboo Enquiries: from n/a through 1.9.3.
CVE-2024-51934 2024-11-19 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uri Lazcano (Urielink) Ekiline Block Collection allows DOM-Based XSS.This issue affects Ekiline Block Collection: from n/a through 1.0.5.