Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 HIGH18 MEDIUM
CVE-2025-23940
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in horiyuki Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n
NVD RRF 0.016
CVE-2025-23939
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KHAN-IT Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/
NVD RRF 0.016
CVE-2025-46239
MEDIUM CVSS 5.4
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Theme Switcha theme-switcha allows Stored XSS.This issue affects Theme Switcha: from n/
plugin-planet
NVD RRF 0.016
CVE-2024-51896
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Magic Slider magic-slider allows Stored XSS.This issue affects Magic Slider: from n/a th
NVD RRF 0.016
CVE-2024-44043
MEDIUM CVSS 4.8
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 1
10web
NVD RRF 0.015
CVE-2026-27360
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 1
NVD RRF 0.015
CVE-2024-37246
MEDIUM CVSS 5.4
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jethin Gallery Slideshow allows Stored XSS.This issue affects Gallery Slideshow: from n/a t
gallery_slideshow_project
NVD RRF 0.015
CVE-2025-22798
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affect
NVD RRF 0.015
CVE-2025-28936
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sakurapixel Lunar lunar-sell-photos-online allows Stored XSS.This issue affects Lunar: from n/a th
NVD RRF 0.014
CVE-2025-52710
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n
NVD RRF 0.014
CVE-2024-37414
MEDIUM CVSS 5.4
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects De
depicter
NVD RRF 0.014
CVE-2025-31770
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Stored XSS.This issue affects Content
NVD RRF 0.014
CVE-2025-31025
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksera Image Hover Effects Block image-hover-effects-block allows Stored XSS.This issue affects
NVD RRF 0.014
CVE-2025-57906
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in epeken Epeken All Kurir epeken-all-kurir allows Stored XSS.This issue affects Epeken All Kurir: fr
NVD RRF 0.014
CVE-2024-37961
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in codoc.Jp allows Stored XSS.This issue affects codoc: from n/a through 0.9.51.12.
NVD RRF 0.013
CVE-2025-22769
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7.
NVD RRF 0.013
CVE-2025-58266
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fumiki Takahashi Gianism gianism allows Stored XSS.This issue affects Gianism: from n/a through <=
NVD RRF 0.013
CVE-2025-62125
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue a
NVD RRF 0.013
CVE-2025-27352
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wumii team 无觅相关文章插件 wumii-related-posts allows Stored XSS.This issue affects 无觅相关文章插件: from n/a th
NVD RRF 0.013
CVE-2026-24555
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Stored XSS.This issue affects ArtPlacer Widget:
NVD RRF 0.013
Page 1+ Next →