Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhotoShelter PhotoShelter for Photographers Blog Feed Plugin allows Stored XSS. This issue affects PhotoShelter for Photographers Blog Feed Plugin: from n/a through 1.5.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GalleryCreator Gallery Blocks with Lightbox allows Stored XSS.This issue affects Gallery Blocks with Lightbox: from n/a through 3.2.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay WebberZone Snippetz allows Stored XSS. This issue affects WebberZone Snippetz: from n/a through 2.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Prasad Showeblogin Social allows DOM-Based XSS. This issue affects Showeblogin Social: from n/a through 7.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.65.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Header and Footer allows Stored XSS. This issue affects CM Header and Footer: from n/a through 1.2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LABCAT Processing Projects allows DOM-Based XSS. This issue affects Processing Projects: from n/a through 1.0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter allows Stored XSS. This issue affects WP AdCenter: from n/a through 2.5.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels allows DOM-Based XSS. This issue affects BlockWheels: from n/a through 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in C. Johnson Footnotes for WordPress allows Stored XSS. This issue affects Footnotes for WordPress: from n/a through 2016.1230.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Owl Carousel allows DOM-Based XSS. This issue affects Simple Owl Carousel: from n/a through 1.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BooSpot Boo Recipes allows Stored XSS. This issue affects Boo Recipes: from n/a through 2.4.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kibru Demeke Ethiopian Calendar allows Stored XSS. This issue affects Ethiopian Calendar: from n/a through 1.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Motors allows Stored XSS. This issue affects Motors: from n/a through 1.4.65.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Sprout Clients allows Stored XSS. This issue affects Sprout Clients: from n/a through 3.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tockify Tockify Events Calendar allows DOM-Based XSS. This issue affects Tockify Events Calendar: from n/a through 2.2.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Systems Gutena Kit – Gutenberg Blocks and Templates allows Stored XSS. This issue affects Gutena Kit – Gutenberg Blocks and Templates: from n/a through 2.0.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemeArt News, Magazine and Blog Elements allows Stored XSS. This issue affects News, Magazine and Blog Elements: from n/a through 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mindshare Labs, Inc. WP Ultimate Search allows Stored XSS. This issue affects WP Ultimate Search: from n/a through 2.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arni Cinco Subscription Form for Feedblitz allows Stored XSS. This issue affects Subscription Form for Feedblitz: from n/a through 1.0.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPelite HMH Footer Builder For Elementor allows Stored XSS. This issue affects HMH Footer Builder For Elementor: from n/a through 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DEJAN Hypotext allows Stored XSS. This issue affects Hypotext: from n/a through 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bridge Core allows Stored XSS. This issue affects Bridge Core: from n/a through n/a.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infoway LLC Ebook Downloader allows Stored XSS. This issue affects Ebook Downloader: from n/a through 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Timeline Event History allows Stored XSS. This issue affects Timeline Event History: from n/a through 3.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denra.com WP Date and Time Shortcode allows Stored XSS. This issue affects WP Date and Time Shortcode: from n/a through 2.6.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo Melchiorre Send E-mail allows Stored XSS. This issue affects Send E-mail: from n/a through 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Custom Content Scrollbar allows Stored XSS. This issue affects Custom Content Scrollbar: from n/a through 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Floeter Hyperlink Group Block allows DOM-Based XSS. This issue affects Hyperlink Group Block: from n/a through 2.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markkinchin Beds24 Online Booking allows Stored XSS. This issue affects Beds24 Online Booking: from n/a through 2.0.26.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twice Commerce Twice Commerce allows DOM-Based XSS. This issue affects Twice Commerce: from n/a through 1.3.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Filter Search allows Stored XSS. This issue affects VK Filter Search: from n/a through 2.14.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kevinweber wBounce allows Stored XSS. This issue affects wBounce: from n/a through 1.8.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pgn4web Embed Chessboard allows Stored XSS. This issue affects Embed Chessboard: from n/a through 3.07.00.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mashi Simple Map No Api allows Stored XSS. This issue affects Simple Map No Api: from n/a through 1.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS. This issue affects WP Crowdfunding: from n/a through 2.1.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpszaki Lightweight and Responsive Youtube Embed allows Stored XSS. This issue affects Lightweight and Responsive Youtube Embed: from n/a through 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carperfer CoverManager allows Stored XSS. This issue affects CoverManager: from n/a through 0.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce allows Stored XSS. This issue affects Quantity Dynamic Pricing & Bulk Discounts for WooCommerce: from n/a through 4.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fromdoppler Doppler Forms allows Stored XSS. This issue affects Doppler Forms: from n/a through 2.4.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gosign Gosign – Posts Slider Block allows Stored XSS. This issue affects Gosign – Posts Slider Block: from n/a through 1.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softnwords SMM API allows Stored XSS. This issue affects SMM API: from n/a through 6.0.27.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Blocks allows Stored XSS. This issue affects Magical Blocks: from n/a through 1.0.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light allows Stored XSS. This issue affects Content Manager Light: from n/a through 3.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksera Image Hover Effects Block allows Stored XSS. This issue affects Image Hover Effects Block: from n/a through 1.4.5.
Jenkins AnchorChain Plugin 1.0 does not limit URL schemes for links it creates based on workspace content, allowing the `javascript:` scheme, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control the input file for the Anchor Chain post-build step.