Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pflonk Sidebar-Content from Shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through 2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hans Matzen allows Stored XSS.This issue affects wp-forecast: from n/a through 9.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.1.17.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Thorpe Easy Shortcode Buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through 1.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Step-Byte-Service GmbH OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) allows Stored XSS.This issue affects OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer): from n/a through 1.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Social Feed allows Stored XSS.This issue affects Easy Social Feed: from n/a through 6.5.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Camille Verrier Travelers' Map allows Stored XSS.This issue affects Travelers' Map: from n/a through 2.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Crypto Converter Widget allows Stored XSS.This issue affects Crypto Converter Widget: from n/a through 1.8.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksera Image Hover Effects – Elementor Addon allows Stored XSS.This issue affects Image Hover Effects – Elementor Addon: from n/a through 1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows Stored XSS.This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayan Datta Ultimate Social Comments – Email Notification & Lazy Load allows Stored XSS.This issue affects Ultimate Social Comments – Email Notification & Lazy Load: from n/a through 1.4.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core.This issue affects UDesign Core: from n/a through <= 4.14.1.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Stored XSS.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Prime Slider – Addons For Elementor allows Stored XSS.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alordiel Dropdown Multisite selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Compact WP Audio Player allows Stored XSS.This issue affects Compact WP Audio Player: from n/a through 1.9.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Looking Forward Software Incorporated. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through 4.2.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.25.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Ehrhardt Powie's pLinks PagePeeker allows DOM-Based XSS.This issue affects Powie's pLinks PagePeeker: from n/a through 1.0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.0.26.
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.7.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a through 1.9.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PromoSimple Giveaways and Contests by PromoSimple allows Stored XSS.This issue affects Giveaways and Contests by PromoSimple: from n/a through 1.24.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Testimonial Slider allows Stored XSS.This issue affects GS Testimonial Slider: from n/a through 3.1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek Namedays Widget From Eortologio.Net: from n/a through 20191113.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through 2.6.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.7.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nitesh Singh Awesome Timeline allows Stored XSS. This issue affects Awesome Timeline: from n/a through 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gold Plugins Easy FAQs allows Stored XSS.This issue affects Easy FAQs: from n/a through 3.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.3.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Botnet Attack Blocker allows Stored XSS. This issue affects Botnet Attack Blocker: from n/a through 2.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2.