| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Anton Bond Additional Order Filters for WooCommerce plugin <= 1.10 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThemePunch OHG Essential Grid plugin <= 3.1.0 versions. |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Qode Interactive Qi Addons For Elementor plugin <= 1.6.3 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.784 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in edward_plainview Plainview Protect Passwords plugin <= 1.4 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GoldBroker.Com Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 versions. |
| IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271525. |
| DokuWiki before 2023-04-04a allows XSS via RSS titles. |
| eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /scheduler/index.php. |
| eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /view/cb/format_642.php. |
| Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly. |
| Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file. |
| Openfind Mail2000 has insufficient filtering special characters of email content of its content filtering function. A remote attacker can exploit this vulnerability using phishing emails that contain malicious web pages injected with JavaScript. When users access the system and open the email, it triggers an XSS (Reflected Cross-site scripting) attack. |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. |
| Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4. |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc. |
| Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. |
| Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the feedback form. |