Security Vulnerabilities, CVEs, (XSS) CVSS score >= 7
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 BEAR allows Reflected XSS.This issue affects BEAR: from n/a through 1.1.4.2.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-28
Updated
2024-03-28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon allows Reflected XSS.This issue affects WP-Lister Lite for Amazon: from n/a through 2.6.8.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appscreo Easy Social Share Buttons allows Reflected XSS.This issue affects Easy Social Share Buttons: from n/a through 9.4.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semenov New RoyalSlider allows Reflected XSS.This issue affects New RoyalSlider: from n/a through 3.4.2.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.1.1.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Go Maps (formerly WP Google Maps) WP Google Maps allows Reflected XSS.This issue affects WP Google Maps: from n/a through 9.0.29.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Reflected XSS.This issue affects Advanced Sermons: from n/a through 3.1.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through 5.8.2.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Reflected XSS.This issue affects PropertyHive: from n/a through 2.0.8.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Reflected XSS.This issue affects Photo Gallery by Ays: from n/a through 5.5.2.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Reflected XSS.This issue affects Survey Maker: from n/a through 4.0.6.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Reflected XSS.This issue affects Podlove Podcast Publisher: from n/a through 4.0.9.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Active Websight SEO Backlink Monitor allows Reflected XSS.This issue affects SEO Backlink Monitor: from n/a through 1.5.0.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'business_id' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-21
Updated
2024-03-21
Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/sitepreference/add, 'description' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-21
Updated
2024-03-21
Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/expenses/expensecategories/edit, 'expense_category_name' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-21
Updated
2024-03-21
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reservation Diary ReDi Restaurant Reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShopUp Shipping with Venipak for WooCommerce allows Reflected XSS.This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.19.5.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Conversios Conversios.Io allows Reflected XSS.This issue affects Conversios.Io: from n/a through 6.9.1.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.93.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.16.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Forminator allows Reflected XSS.This issue affects Forminator: from n/a through 1.29.0.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpDirectoryKit WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.2.9.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-27
Updated
2024-03-27