Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
7 HIGH13 MEDIUM
CVE-2025-69020
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Stored XSS.This issue affects Newsletters:
NVD RRF 0.016
CVE-2024-47346
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletter
NVD RRF 0.016
CVE-2025-24599
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletter
NVD RRF 0.016
CVE-2024-43279
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through
NVD RRF 0.016
CVE-2024-47376
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Slideshow Gallery slideshow-gallery allows Cross-Site Scripting (XSS).This issu
NVD RRF 0.015
CVE-2025-46236
MEDIUM CVSS 5.4
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a
linksoftwarellc
NVD RRF 0.015
CVE-2025-31080
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a
NVD RRF 0.015
CVE-2025-30921
HIGH CVSS 7.6
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Software Newsletters newsletters-lite allows SQL Injection.This issue affects Newsletter
NVD RRF 0.015
CVE-2025-31770
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Stored XSS.This issue affects Content
NVD RRF 0.014
CVE-2025-26919
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tainacan Tainá taina allows Stored XSS.This issue affects Tainá: from n/a through < 0.2.5.
NVD RRF 0.014
CVE-2025-30858
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Snow Storm snow-storm allows Reflected XSS.This issue affects Snow Storm: from
NVD RRF 0.014
CVE-2025-22662
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Stored
NVD RRF 0.014
CVE-2025-47547
MEDIUM CVSS 5.4
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Stored
sendpulse
NVD RRF 0.014
CVE-2024-43307
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Struc
NVD RRF 0.014
CVE-2025-32136
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activecampaign ActiveCampaign activecampaign-subscription-forms allows Stored XSS.This issue affec
NVD RRF 0.013
CVE-2025-62940
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Diego Blox Lite blox-lite allows Stored XSS.This issue affects Blox Lite: from n/a through <=
NVD RRF 0.013
CVE-2025-58966
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms LITE nex-forms-lite allows Reflected XSS.This issue affects NEX-Forms LITE: from n
NVD RRF 0.013
CVE-2025-62974
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Stored XSS.This issue affects Headline Analy
NVD RRF 0.013
CVE-2025-54729
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Stored XSS.This issue affects We
NVD RRF 0.013
CVE-2025-48131
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Stored XSS.This issue af
NVD RRF 0.013
Page 1+ Next →