Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webmuehle Court Reservation court-reservation allows Reflected XSS.This issue affects Court Reservation: from n/a through <= 1.10.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rachanaS Sponsered Link sponsered-link allows Reflected XSS.This issue affects Sponsered Link: from n/a through <= 4.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Email Subscribers & Newsletters allows Reflected XSS.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.11.
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'eventdate' and 'events' parameters in 'port/event_print.php'.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arash Safari QMean – WordPress Did You Mean qmean allows Reflected XSS.This issue affects QMean – WordPress Did You Mean: from n/a through <= 2.0.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin <=Â 0.6.0 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RexTheme Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD plugin <= 3.1.5 versions.
The WP Talroo WordPress plugin through 2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin and unauthenticated users.
Reflected Cross-Site Scripting (XSS) vulnerability in Dmytriy.Cooperman MagicForm plugin <=Â 0.1 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin <=Â 0.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fugu Maintenance Switch plugin <=Â 1.5.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <=Â 1.0.15 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin <=Â 2.0 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rocket Apps Open Graphite plugin <=Â 1.6.0 versions.
Reflected Cross-Site Scripting (XSS) vulnerability in Blockonomics WordPress Bitcoin Payments – Blockonomics plugin <= 3.5.7 versions.
Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin <= 5.0.5 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <=Â 4.0.1 versions.
Reflected Cross-Site Scripting (XSS) vulnerability in Tussendoor internet & marketing Open RDW kenteken voertuiginformatie plugin <=Â 2.0.14 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <=Â 1.7.0.10 versions.
Reflected Cross-Site Scripting (XSS) vulnerability in Mickael Austoni Map Multi Marker plugin <= 3.2.1 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS.This issue affects Image Tag Manager: from n/a through 1.5.
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution.  The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Le Van Toan Woocommerce Vietnam Checkout plugin <=Â 2.0.4 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <=Â 2.9.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 2.8 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from n/a through 18.5.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Torbert SimpleMap Store Locator allows Reflected XSS.This issue affects SimpleMap Store Locator: from n/a through 2.6.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.5.7.
Reflected Cross-Site Scripting (XSS) vulnerability in Denis 微信机器人高级版 plugin <= 6.0.1 versions.
An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'id' and 'view' parameters in '/user/index.php'.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann CformsII allows Stored XSS.This issue affects CformsII: from n/a through 15.0.5.
The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend page containing one of its shortcodes, leading to a Reflected Cross-Site Scripting vulnerability that can be triggered against any logged-in user.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.4.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Ad Inserter Pro allows Reflected XSS. This issue affects Ad Inserter Pro: from n/a through 2.7.39.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Editor JoomUnited allows Reflected XSS.This issue affects JoomUnited: from n/a through 1.3.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N Squared Simply Schedule Appointments allows Reflected XSS.This issue affects Simply Schedule Appointments: from n/a through 1.6.6.20.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rakessh Ads24 Lite wp-ad-management allows Reflected XSS.This issue affects Ads24 Lite: from n/a through <= 1.0.
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS) on the /tools/Password/add page in the input field password.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhostPool Aardvark aardvark allows Reflected XSS.This issue affects Aardvark: from n/a through <= 4.6.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Business Template Blocks for WPBakery (Visual Composer) Page Builder templates-and-addons-for-wpbakery-page-builder allows Reflected XSS.This issue affects Business Template Blocks for WPBakery (Visual Composer) Page Builder: from n/a through <= 1.3.2.
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS.This issue affects JobWP: from n/a through <= 2.4.5.