Administrator Cross Site Scripting (XSS) in WP Emmet <= 0.3.4 versions.
Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions.
Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions.
Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions.
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions.
Cross-site scripting vulnerability exists in My WP Customize Admin/Frontend versions prior to ver 1.24.1. If a malicious administrative user customizes the administrative page with some malicious cont
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.
Unauthenticated Cross Site Scripting (XSS) in GiveWP <= 4.14.2 versions.
Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions.
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag-name’ parameter in all versions up t
EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn.
Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions.
The WP Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and ou
The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Select HTML tag in all versions up to, and including, 4.0.9 due to insufficient input sanitization and output escap
Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script
Sourcecodester Employee Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via 'Add Designation.'
SourceCodester (rems) Employee Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add_employee.php via the First Name and Address text fields.
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited.
Page 1+ Next →