Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through <= 1.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Melos melos allows Stored XSS.This issue affects Melos: from n/a through <= 1.6.0.
The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Renden theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dozyde Cookie Nonsense for YT yt-cookie-nonsense allows DOM-Based XSS.This issue affects Cookie Nonsense for YT: from n/a through <= 1.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnetic Creative Inline Click To Tweet inline-click-to-tweet allows DOM-Based XSS.This issue affects Inline Click To Tweet: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in seothemes Simple Pricing Table simple-pricing-table allows Stored XSS.This issue affects Simple Pricing Table: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nomaniplex Easy Social Sharebar easy-social-sharebar allows Stored XSS.This issue affects Easy Social Sharebar: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 野人 活动链接推广插件 yr-activity-link allows DOM-Based XSS.This issue affects 活动链接推广插件: from n/a through <= 1.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor pro-addons-for-elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through <= 1.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jakir Hasan Blocks Post Grid blocks-post-grid allows DOM-Based XSS.This issue affects Blocks Post Grid: from n/a through <= 1.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teconce Wezido wezido-elementor-addon-based-on-easy-digital-downloads allows DOM-Based XSS.This issue affects Wezido: from n/a through <= 1.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjahan Jewel Trendy Restaurant Menu trendy-restaurant-menu allows DOM-Based XSS.This issue affects Trendy Restaurant Menu: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Smooth Maps colour-smooth-maps allows Stored XSS.This issue affects Smooth Maps: from n/a through <= 1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maximilian Ruthe Mage Front End Forms mage-forms allows Stored XSS.This issue affects Mage Front End Forms: from n/a through <= 1.1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SolverWp Elementor Portfolio Builder portfolio-builder-elementor allows DOM-Based XSS.This issue affects Elementor Portfolio Builder: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tigrisflexplatform Tigris Flexplatform tigris-flexplatform allows Stored XSS.This issue affects Tigris Flexplatform: from n/a through <= 1.0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erik Saulnier News Articles news-articles allows Stored XSS.This issue affects News Articles: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saul Morales Pacheco Banner System banner-system allows Stored XSS.This issue affects Banner System: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ParOne, Inc ParOne Feeds parone allows DOM-Based XSS.This issue affects ParOne Feeds: from n/a through <= 1.17.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ryscript NV Slider nv-slider allows Stored XSS.This issue affects NV Slider: from n/a through <= 1.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plenigo Plenigo plenigo allows Stored XSS.This issue affects Plenigo: from n/a through <= 1.12.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bnisia IA Map Analytics Basic ia-map-analytics-basic allows DOM-Based XSS.This issue affects IA Map Analytics Basic: from n/a through <= 20170413.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in luzuk Themes Luzuk Team luzuk-team allows Stored XSS.This issue affects Luzuk Team: from n/a through <= 0.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Jobify jobify allows Stored XSS.This issue affects Jobify: from n/a through < 4.3.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masashi Takizawa Multi-day Booking Calendar multi-day-booking-calendar allows DOM-Based XSS.This issue affects Multi-day Booking Calendar: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jakeatthrive Brand my Footer brand-my-footer allows DOM-Based XSS.This issue affects Brand my Footer: from n/a through <= 1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Piarulli My Restaurant Menu my-restaurant-menu allows Stored XSS.This issue affects My Restaurant Menu: from n/a through <= 0.2.0.
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fayjur Pdf Embedder Fay pdf-embedder-fay allows DOM-Based XSS.This issue affects Pdf Embedder Fay: from n/a through <= 1.10.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Monarkie DCS audioCase audiocase allows DOM-Based XSS.This issue affects audioCase: from n/a through <= 1.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md. Shiddikur Rahman Ultimate Accordion ultimate-accordion allows DOM-Based XSS.This issue affects Ultimate Accordion: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder themify-builder allows Stored XSS.This issue affects Themify Builder: from n/a through <= 7.6.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through <= 2.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through <= 0.5.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in luzuk Themes Luzuk Slider luzuk-slider allows Stored XSS.This issue affects Luzuk Slider: from n/a through <= 0.1.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tapan Kumer Das DuoGeek Blocks duogeek-blocks allows Stored XSS.This issue affects DuoGeek Blocks: from n/a through 0.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE – Client Logo Carousel we-client-logo-carousel allows Stored XSS.This issue affects WE – Client Logo Carousel: from n/a through <= 1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sellerthemes Storely storely allows Stored XSS.This issue affects Storely: from n/a through <= 14.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maidul Dynamic Post Grid Elementor Addon dynamic-post-grid-elementor-addon allows DOM-Based XSS.This issue affects Dynamic Post Grid Elementor Addon: from n/a through <= 1.0.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through <= 2.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gabriel Serafini Christian Science Bible Lesson Subjects christian-science-bible-lesson-subjects allows DOM-Based XSS.This issue affects Christian Science Bible Lesson Subjects: from n/a through <= 2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcodingplace Ultimate Classified Listings ultimate-classified-listings allows Stored XSS.This issue affects Ultimate Classified Listings: from n/a through <= 1.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Stored XSS.This issue affects Print PDF Generator and Publisher: from n/a through <= 1.1.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through <= 3.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tailored Media Tailored Tools tailored-tools allows Stored XSS.This issue affects Tailored Tools: from n/a through <= 1.8.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meini Utech Spinning Earth utech-spinning-earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through <= 1.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in intelligentDesign Keymaster Chord Notation Free keymaster-chord-notation-free allows Stored XSS.This issue affects Keymaster Chord Notation Free: from n/a through <= 1.0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uri Lazcano Ekiline Block Collection ekiline-block-collection allows DOM-Based XSS.This issue affects Ekiline Block Collection: from n/a through <= 1.0.5.