Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steven Nolles Bonway Static Block Editor bonway-static-block-editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through <= 1.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in martindrapeau Amilia Store amilia-store allows Stored XSS.This issue affects Amilia Store: from n/a through <= 2.9.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes.This issue affects Kodex Posts likes: from n/a through <= 2.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in overclokk Advanced Control Manager for WordPress by ItalyStrap advanced-control-manager allows Stored XSS.This issue affects Advanced Control Manager for WordPress by ItalyStrap: from n/a through <= 2.16.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a through <= 2.0.15.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Stored XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sided Sided sided allows DOM-Based XSS.This issue affects Sided: from n/a through <= 1.4.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AuburnForest DataMentor datamentor allows DOM-Based XSS.This issue affects DataMentor: from n/a through <= 1.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riley Magnuson MyOrderDesk myorderdesk allows DOM-Based XSS.This issue affects MyOrderDesk: from n/a through <= 3.2.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in irfantea Show Visitor IP Address show-visitor-ip-address allows Stored XSS.This issue affects Show Visitor IP Address: from n/a through <= 0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra futurio-extra.This issue affects Futurio Extra: from n/a through <= 2.0.11.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through <= 1.3.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.12.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IDSK team ID-SK Toolkit idsk-toolkit allows Stored XSS.This issue affects ID-SK Toolkit: from n/a through <= 1.7.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in merkulove Selection Lite selection-lite allows Stored XSS.This issue affects Selection Lite: from n/a through <= 1.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Odyno EndomondoWP endomondowp allows Stored XSS.This issue affects EndomondoWP: from n/a through <= 0.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brightvesseldev Textboxes textboxes allows DOM-Based XSS.This issue affects Textboxes: from n/a through <= 0.1.3.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through <= 0.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper EmbedPress embedpress allows Stored XSS.This issue affects EmbedPress: from n/a through <= 4.0.14.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Stored XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.4.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in html5maps Interactive World Map interactive-world-map allows Stored XSS.This issue affects Interactive World Map: from n/a through <= 3.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through <= 1.7.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Marra Smart Mockups smart-mockups allows Stored XSS.This issue affects Smart Mockups: from n/a through <= 1.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs Advanced Sermons advanced-sermons allows Stored XSS.This issue affects Advanced Sermons: from n/a through <= 3.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle M Brown Step by Step step-by-step allows Stored XSS.This issue affects Step by Step: from n/a through <= 0.4.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode codepen-embedded-pen-shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through <= 1.0.2.
Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes NewsMag theme <= 2.4.4 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin Cornett Scriptless Social Sharing scriptless-social-sharing allows Stored XSS.This issue affects Scriptless Social Sharing: from n/a through <= 3.3.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce envo-elementor-for-woocommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through <= 1.4.19.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in siteengineai Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin scrollbar-by-webxapp allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin: from n/a through <= 1.3.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through <= 0.6.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts wpadverts allows Stored XSS.This issue affects WPAdverts: from n/a through <= 2.2.1.
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board plugin <= 2.0.0 versions.
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The file upload feature of the affected application improperly sanitizes xml files. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by uploading specially crafted xml files that are later downloaded and viewed by other users of the application.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Primary Addon for Elementor primary-addon-for-elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through <= 1.5.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks arkhe-blocks.This issue affects Arkhe Blocks: from n/a through <= 2.23.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension plexx-elementor-extension allows DOM-Based XSS.This issue affects Plexx Elementor Extension: from n/a through <= 1.3.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCenter AffiliateX affiliatex allows Stored XSS.This issue affects AffiliateX: from n/a through <= 1.2.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham Checkout Files Upload for WooCommerce checkout-files-upload-woocommerce allows Stored XSS.This issue affects Checkout Files Upload for WooCommerce: from n/a through <= 2.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through <= 2.8.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred Elementor mycred-for-elementor allows Stored XSS.This issue affects myCred Elementor: from n/a through <= 1.2.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum asgaros-forum allows Stored XSS.This issue affects Asgaros Forum: from n/a through <= 3.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through <= 1.1.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nayon46 Unlimited Addon For Elementor unlimited-addon-for-elementor allows Stored XSS.This issue affects Unlimited Addon For Elementor: from n/a through <= 2.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sinan Yorulmaz G Meta Keywords g-meta-keywords allows Stored XSS.This issue affects G Meta Keywords: from n/a through <= 1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook pdf-viewer-for-wordpress allows Stored XSS.This issue affects TNC FlipBook: from n/a through <= 12.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harry005 Ajax Custom CSS/JS ajax-awesome-css allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through <= 2.0.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Stored XSS.This issue affects Edwiser Bridge: from n/a through <= 3.0.7.