Security Vulnerabilities, CVEs, (XSS) CVSS score >= 7
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP 2FA allows Reflected XSS.This issue affects WP 2FA: from n/a through 2.6.2.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9.
Max CVSS
8.6
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25.
Max CVSS
7.1
EPSS Score
N/A
Published
2024-04-18
Updated
2024-04-18
Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Cross-Site Request Forgery (CSRF) vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting (XSS).This issue affects Related Posts for WordPress: from n/a through 4.0.3.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Minoji MJ Update History allows Reflected XSS.This issue affects MJ Update History: from n/a through 1.0.4.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
2320 vulnerabilities found
1
2
3
4
5
6 ......
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93