Total
42233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41358 | 1 Garage Management System Project | 1 Garage Management System | 2025-05-08 | N/A | 5.4 MEDIUM |
|
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
|
|||||
| CVE-2022-42206 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-08 | N/A | 5.4 MEDIUM |
|
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php.
|
|||||
| CVE-2022-42205 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-08 | N/A | 5.4 MEDIUM |
|
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.
|
|||||
| CVE-2025-47516 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Time Clock allows Stored XSS. This issue affects Time Clock: from n/a through 1.2.3.
|
|||||
| CVE-2025-47503 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpo-HR NGG Smart Image Search allows Stored XSS. This issue affects NGG Smart Image Search: from n/a through 3.3.3.
|
|||||
| CVE-2025-47515 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seb WP DPE-GES allows DOM-Based XSS. This issue affects WP DPE-GES: from n/a through 1.6.
|
|||||
| CVE-2025-47506 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Contextual Related Posts allows DOM-Based XSS. This issue affects Contextual Related Posts: from n/a through 4.0.2.
|
|||||
| CVE-2025-47449 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Meow Gallery allows Stored XSS. This issue affects Meow Gallery: from n/a through 5.2.7.
|
|||||
| CVE-2025-47524 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karim42 Quran multilanguage Text & Audio allows Stored XSS. This issue affects Quran multilanguage Text & Audio: from n/a through 2.3.23.
|
|||||
| CVE-2025-47493 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.2.9.
|
|||||
| CVE-2025-47522 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AWEOS GmbH AWEOS WP Lock allows Stored XSS. This issue affects AWEOS WP Lock: from n/a through 1.4.8.
|
|||||
| CVE-2025-47525 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.3.0.
|
|||||
| CVE-2025-47505 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProWCPlugins Product Time Countdown for WooCommerce allows Stored XSS. This issue affects Product Time Countdown for WooCommerce: from n/a through 1.6.2.
|
|||||
| CVE-2025-47476 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Cost Calculator for Elementor allows DOM-Based XSS. This issue affects Cost Calculator for Elementor: from n/a through 1.3.3.
|
|||||
| CVE-2025-47509 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Top 10 allows Stored XSS. This issue affects Top 10: from n/a through 4.1.0.
|
|||||
| CVE-2025-47495 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare allows Stored XSS. This issue affects Blockspare: from n/a through 3.2.9.
|
|||||
| CVE-2025-47441 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Reynolds Progress Bar allows Stored XSS. This issue affects Progress Bar: from n/a through 2.2.3.
|
|||||
| CVE-2025-47518 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Stored XSS. This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.3.4.
|
|||||
| CVE-2025-47443 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Widget Countdown allows Stored XSS. This issue affects Widget Countdown: from n/a through 2.7.4.
|
|||||
| CVE-2025-47520 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows Stored XSS. This issue affects Charitable: from n/a through 1.8.5.1.
|
|||||
| CVE-2025-47521 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery allows Stored XSS. This issue affects Robo Gallery: from n/a through 5.0.2.
|
|||||
| CVE-2025-47499 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Blog Stats allows Stored XSS. This issue affects Simple Blog Stats: from n/a through 20250416.
|
|||||
| CVE-2025-47482 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Skill Bar allows Stored XSS. This issue affects SKT Skill Bar: from n/a through 2.4.
|
|||||
| CVE-2025-47442 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CC CC BMI Calculator allows Stored XSS. This issue affects CC BMI Calculator: from n/a through 2.1.0.
|
|||||
| CVE-2025-47507 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Better Search allows DOM-Based XSS. This issue affects Better Search: from n/a through 4.1.0.
|
|||||
| CVE-2025-47502 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Mollie Forms allows Stored XSS. This issue affects Mollie Forms: from n/a through 2.7.12.
|
|||||
| CVE-2025-47475 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artbees JupiterX Core allows Stored XSS. This issue affects JupiterX Core: from n/a through 4.8.11.
|
|||||
| CVE-2025-47488 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows DOM-Based XSS. This issue affects Bold Page Builder: from n/a through 5.3.2.
|
|||||
| CVE-2025-47489 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markkinchin Beds24 Online Booking allows Stored XSS. This issue affects Beds24 Online Booking: from n/a through 2.0.29.
|
|||||
| CVE-2025-47501 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Atlantic Content Control allows DOM-Based XSS. This issue affects Content Control: from n/a through 2.6.1.
|
|||||
| CVE-2025-47593 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page allows Stored XSS. This issue affects Really Simple Under Construction Page: from n/a through 1.4.6.
|
|||||
| CVE-2025-47677 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Stored XSS. This issue affects Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery: from n/a through 2.7.7.25.
|
|||||
| CVE-2025-47607 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty Show All Comments allows Stored XSS. This issue affects Show All Comments: from n/a through 7.0.1.
|
|||||
| CVE-2025-47592 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lehel Mátyus Legal Terms and Conditions Popup for User Login and WooCommerce Checkout – TPUL allows Stored XSS. This issue affects Legal Terms and Conditions Popup for User Login and WooCommerce Checkout – TPUL: from n/a through 2.0.3.
|
|||||
| CVE-2025-47675 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6.
|
|||||
| CVE-2025-47615 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flowdee Amazon Product in a Post allows Stored XSS. This issue affects Amazon Product in a Post: from n/a through 5.2.2.
|
|||||
| CVE-2025-47665 | 2025-05-08 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen allows Stored XSS. This issue affects N360 | Splash Screen: from n/a through 1.0.6.
|
|||||
| CVE-2025-47589 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in motov.net Ebook Store allows DOM-Based XSS. This issue affects Ebook Store: from n/a through 5.8007.
|
|||||
| CVE-2025-47656 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0.
|
|||||
| CVE-2025-47686 | 2025-05-08 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO allows Stored XSS. This issue affects DELUCKS SEO: from n/a through 2.5.9.
|
|||||