Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
19 HIGH1 MEDIUM
CVE-2025-67964
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey Core homey-core allows Reflected XSS.This issue affects Homey Core: from n/a thro
NVD RRF 0.016
CVE-2025-31037
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey homey allows Reflected XSS.This issue affects Homey: from n/a through <= 2.4.5.
NVD RRF 0.016
CVE-2025-49407
HIGH CVSS 8.8
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez allows Reflected XSS. This issue affects Houzez: from n/a through 4.1.1.
NVD RRF 0.016
CVE-2024-43244
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in favethemes Houzez allows Reflected XSS.This issue affects Houzez: from n/a through 3.2.4.
NVD RRF 0.016
CVE-2026-24983
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n
NVD RRF 0.015
CVE-2025-59571
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: f
NVD RRF 0.015
CVE-2025-67960
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: f
NVD RRF 0.015
CVE-2025-39508
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through
NVD RRF 0.015
CVE-2025-22678
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8.
NVD RRF 0.014
CVE-2026-24979
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobica Core jobica-core allows Reflected XSS.This issue affects Jobica Core: from n/a thr
NVD RRF 0.014
CVE-2024-49283
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY woo-multi-currency allows Reflected XSS.This issue affects CURCY: from n/a throug
NVD RRF 0.014
CVE-2025-69302
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Core Features designthemes-core-features allows Reflected XSS.This issue
NVD RRF 0.014
CVE-2026-25342
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a throu
NVD RRF 0.014
CVE-2025-22499
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a th
NVD RRF 0.014
CVE-2024-56056
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kmfoysal06 SimpleCharm simplecharm allows Reflected XSS.This issue affects SimpleCharm: from n/a t
kmfoysal06
NVD RRF 0.013
CVE-2025-23683
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xdxdVSxdxd MACME macme allows Reflected XSS.This issue affects MACME: from n/a through <= 1.2.
NVD RRF 0.013
CVE-2025-67959
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through
NVD RRF 0.013
CVE-2024-38711
MEDIUM CVSS 6.1
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/
ylefebvre
NVD RRF 0.013
CVE-2025-22636
HIGH CVSS 8.2
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicente Ruiz Gálvez VR-Frases vr-frases allows Reflected XSS.This issue affects VR-Frases: from n/
NVD RRF 0.013
CVE-2025-15654
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fox-themes Prague allows Reflected XSS. This issue affects Prague: from n/a through 2.2.8.
NVD RRF 0.013
Page 1+ Next →