Total
43757 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22692 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rachanaS Sponsered Link sponsered-link allows Reflected XSS.This issue affects Sponsered Link: from n/a through <= 4.0. | ||||
| CVE-2025-49871 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noptin Newsletter Team Noptin newsletter-optin-box allows Stored XSS.This issue affects Noptin: from n/a through <= 3.8.7. | ||||
| CVE-2023-43962 | 2026-04-15 | 4.8 Medium | ||
| Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab. | ||||
| CVE-2025-22725 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through <= 3.1. | ||||
| CVE-2025-0420 | 1 Parasut Software | 1 Parasut | 2026-04-15 | 4.7 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Software Paraşüt allows Cross-Site Scripting (XSS).This issue affects Paraşüt: from 0.0.0.65efa44e through 20250204. | ||||
| CVE-2024-47380 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Reflected XSS.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.6.3. | ||||
| CVE-2025-23724 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through <= 1.4. | ||||
| CVE-2025-23737 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thobian Network-Favorites network-favorites allows Reflected XSS.This issue affects Network-Favorites: from n/a through <= 1.1. | ||||
| CVE-2025-23758 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pootlepress Pootle button pootle-button allows Reflected XSS.This issue affects Pootle button: from n/a through <= 1.2.0. | ||||
| CVE-2024-47386 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through <= 3.0.8. | ||||
| CVE-2024-47394 | 2 Eyecix, Wordpress | 2 Jobsearch, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 2.5.9. | ||||
| CVE-2025-22765 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weiluri WP Order By wp-order-by allows Reflected XSS.This issue affects WP Order By: from n/a through <= 1.4.2. | ||||
| CVE-2025-22767 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Reflected XSS.This issue affects GlobalPayments WooCommerce: from n/a through <= 1.13.2. | ||||
| CVE-2025-67631 | 2 Ecommerce Platforms, Wordpress | 2 Gift Hunt, Wordpress | 2026-04-15 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecommerce Platforms Gift Hunt gift-hunt allows Stored XSS.This issue affects Gift Hunt: from n/a through <= 2.0.2. | ||||
| CVE-2025-22776 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codebycarter WP Bulletin Board wp-bulletin-board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a through <= 1.1.4. | ||||
| CVE-2024-47644 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Copyscape Copyscape Premium copyscape-premium allows Stored XSS.This issue affects Copyscape Premium: from n/a through <= 1.3.9. | ||||
| CVE-2023-4507 | 1 Zvijerka | 1 Admission Appmanager | 2026-04-15 | 6.1 Medium |
| The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2025-22794 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ianhaycox World Cup Predictor world-cup-predictor allows Reflected XSS.This issue affects World Cup Predictor: from n/a through <= 1.9.8. | ||||
| CVE-2025-55473 | 2026-04-15 | 6.1 Medium | ||
| Asian Arts Talents Foundation (AATF) Website v5.1.x and Docker version 2024.12.8.1 are vulnerable to Cross Site Scripting (XSS). The vulnerability exists in the /ip.php endpoint, which processes and displays the X-Forwarded-For HTTP header without proper sanitization or output encoding. This allows an attacker to inject malicious JavaScript code that will execute in visitor browsers. | ||||
| CVE-2025-53093 | 2026-04-15 | 8.6 High | ||
| TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `<tabber>` tag. Version 3.1.1 contains a patch for the bug. | ||||