Total
41944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47659 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements allows Stored XSS. This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through 1.0.4.1. | |||||
| CVE-2025-47605 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty WP jQuery DataTable allows Stored XSS. This issue affects WP jQuery DataTable: from n/a through 4.1.0. | |||||
| CVE-2025-47676 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History allows Stored XSS. This issue affects User Login History: from n/a through 2.1.6. | |||||
| CVE-2025-47668 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode allows Stored XSS. This issue affects CookieCode: from n/a through 2.4.4. | |||||
| CVE-2025-47665 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen allows Stored XSS. This issue affects N360 | Splash Screen: from n/a through 1.0.6. | |||||
| CVE-2025-47595 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darshan Saroya Color Your Bar allows Stored XSS. This issue affects Color Your Bar: from n/a through 2.0. | |||||
| CVE-2025-47638 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite allows Stored XSS. This issue affects WP Discord Invite: from n/a through 2.5.3. | |||||
| CVE-2025-47617 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aharonyan WP Front User Submit / Front Editor allows Stored XSS. This issue affects WP Front User Submit / Front Editor: from n/a through 4.9.3. | |||||
| CVE-2025-47679 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase allows DOM-Based XSS. This issue affects RS WP Book Showcase: from n/a through 6.7.40. | |||||
| CVE-2025-47592 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lehel Mátyus Legal Terms and Conditions Popup for User Login and WooCommerce Checkout – TPUL allows Stored XSS. This issue affects Legal Terms and Conditions Popup for User Login and WooCommerce Checkout – TPUL: from n/a through 2.0.3. | |||||
| CVE-2025-47656 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0. | |||||
| CVE-2025-47669 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap allows DOM-Based XSS. This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.12. | |||||
| CVE-2023-7303 | 2025-05-08 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability, which was classified as problematic, was found in q2apro q2apro-on-site-notifications up to 1.4.6. This affects the function process_request of the file q2apro-onsitenotifications-page.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.8 is able to address this issue. The patch is named 0ca85ca02f8aceb661e9b71fd229c45d388ea5b5. It is recommended to upgrade the affected component. | |||||
| CVE-2025-47604 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Risk Migitation, Inc. Inline Related Posts allows Stored XSS. This issue affects Inline Related Posts: from n/a through 3.8.0. | |||||
| CVE-2025-47686 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO allows Stored XSS. This issue affects DELUCKS SEO: from n/a through 2.5.9. | |||||
| CVE-2025-47677 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Stored XSS. This issue affects Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery: from n/a through 2.7.7.25. | |||||
| CVE-2025-47622 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Email Notification on Login allows Stored XSS. This issue affects Email Notification on Login: from n/a through 1.6.1. | |||||
| CVE-2025-47607 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty Show All Comments allows Stored XSS. This issue affects Show All Comments: from n/a through 7.0.1. | |||||
| CVE-2025-47615 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flowdee Amazon Product in a Post allows Stored XSS. This issue affects Amazon Product in a Post: from n/a through 5.2.2. | |||||
| CVE-2025-47593 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page allows Stored XSS. This issue affects Really Simple Under Construction Page: from n/a through 1.4.6. | |||||