Total
42233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32134 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders URL Shortify allows Stored XSS. This issue affects URL Shortify: from n/a through 1.10.4.
|
|||||
| CVE-2025-32194 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS. This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.4.9.
|
|||||
| CVE-2025-32182 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spider Themes Spider Elements – Addons for Elementor allows Stored XSS. This issue affects Spider Elements – Addons for Elementor: from n/a through 1.6.2.
|
|||||
| CVE-2025-32175 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Filter Search allows Stored XSS. This issue affects VK Filter Search: from n/a through 2.14.1.0.
|
|||||
| CVE-2025-32165 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fromdoppler Doppler Forms allows Stored XSS. This issue affects Doppler Forms: from n/a through 2.4.5.
|
|||||
| CVE-2025-32184 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Stored XSS. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.
|
|||||
| CVE-2025-22282 | 2025-04-07 | N/A | 7.1 HIGH | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.This issue affects ez Form Calculator - WordPress plugin: from n/a through 2.14.1.2.
|
|||||
| CVE-2025-32136 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activecampaign ActiveCampaign allows Stored XSS. This issue affects ActiveCampaign: from n/a through 8.1.16.
|
|||||
| CVE-2025-32183 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube allows Stored XSS. This issue affects Video Playlist For YouTube: from n/a through 6.6.
|
|||||
| CVE-2025-32197 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Addons For Elementor allows Stored XSS. This issue affects Piotnet Addons For Elementor: from n/a through 2.4.34.
|
|||||
| CVE-2025-32171 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imtiaz Rayhan Table Block by Tableberg allows Stored XSS. This issue affects Table Block by Tableberg: from n/a through 0.6.0.
|
|||||
| CVE-2025-32192 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UltraPress Ultra Addons Lite for Elementor allows Stored XSS. This issue affects Ultra Addons Lite for Elementor: from n/a through 1.1.8.
|
|||||
| CVE-2024-13898 | 2025-04-07 | N/A | 4.4 MEDIUM | ||
|
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an inject ...
Show More |
|||||
| CVE-2025-32132 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelCockpit FunnelCockpit allows Stored XSS. This issue affects FunnelCockpit: from n/a through 1.4.2.
|
|||||
| CVE-2025-32172 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yuri Baranov YaMaps for WordPress allows Stored XSS. This issue affects YaMaps for WordPress: from n/a through 0.6.31.
|
|||||
| CVE-2025-32195 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart allows Stored XSS. This issue affects Ecwid Shopping Cart: from n/a through 7.0.
|
|||||
| CVE-2025-32191 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon News Element Elementor Blog Magazine allows DOM-Based XSS. This issue affects News Element Elementor Blog Magazine: from n/a through 1.0.7.
|
|||||
| CVE-2025-32166 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in John Housholder Emma for WordPress allows Stored XSS. This issue affects Emma for WordPress: from n/a through 1.3.3.
|
|||||
| CVE-2025-32174 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tockify Tockify Events Calendar allows DOM-Based XSS. This issue affects Tockify Events Calendar: from n/a through 2.2.13.
|
|||||
| CVE-2025-32190 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartwpress Musician's Pack for Elementor allows DOM-Based XSS. This issue affects Musician's Pack for Elementor: from n/a through 1.8.4.
|
|||||
| CVE-2025-32163 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.9.
|
|||||
| CVE-2025-32207 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods allows Stored XSS. This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.
|
|||||
| CVE-2025-32188 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels allows Stored XSS. This issue affects Advanced Woo Labels: from n/a through 2.14.
|
|||||
| CVE-2025-31407 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hutsixdigital Tiger allows Stored XSS.This issue affects Tiger: from n/a through 2.0.
|
|||||
| CVE-2025-32161 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks allows Stored XSS. This issue affects Arkhe Blocks: from n/a through 2.27.1.
|
|||||
| CVE-2025-32170 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Motors allows Stored XSS. This issue affects Motors: from n/a through 1.4.65.
|
|||||
| CVE-2025-32168 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify allows Stored XSS. This issue affects Gutenify: from n/a through 1.4.9.
|
|||||
| CVE-2025-32133 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking allows Stored XSS. This issue affects Secure Copy Content Protection and Content Locking: from n/a through 4.5.1.
|
|||||
| CVE-2025-32169 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Prasad Showeblogin Social allows DOM-Based XSS. This issue affects Showeblogin Social: from n/a through 7.0.
|
|||||
| CVE-2025-32187 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quý Lê 91 Administrator Z allows DOM-Based XSS. This issue affects Administrator Z: from n/a through 2025.03.04.
|
|||||
| CVE-2025-31416 | 2025-04-07 | N/A | 7.1 HIGH | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through 2.8.4.
|
|||||
| CVE-2025-32167 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20.
|
|||||
| CVE-2025-32181 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fast Simon Search, Filters & Merchandising for WooCommerce allows Stored XSS. This issue affects Search, Filters & Merchandising for WooCommerce: from n/a through 3.0.57.
|
|||||
| CVE-2025-32129 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Risk Migitation, Inc. Welcome Bar allows Stored XSS. This issue affects Welcome Bar: from n/a through 2.0.4.
|
|||||
| CVE-2025-32189 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer BWD Elementor Addons allows DOM-Based XSS. This issue affects BWD Elementor Addons: from n/a through 4.3.20.
|
|||||
| CVE-2025-31389 | 2025-04-07 | N/A | 7.1 HIGH | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sequel.Io Sequel allows Reflected XSS.This issue affects Sequel: from n/a through 1.0.11.
|
|||||
| CVE-2025-32193 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMinds Simple WP Events allows Stored XSS. This issue affects Simple WP Events: from n/a through 1.8.17.
|
|||||
| CVE-2025-32131 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in socialintents Social Intents allows Stored XSS. This issue affects Social Intents: from n/a through 1.6.14.
|
|||||
| CVE-2025-32135 | 2025-04-07 | N/A | 5.9 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rocketelements Split Test For Elementor allows Stored XSS. This issue affects Split Test For Elementor: from n/a through 1.8.3.
|
|||||
| CVE-2025-32177 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pgn4web Embed Chessboard allows Stored XSS. This issue affects Embed Chessboard: from n/a through 3.07.00.
|
|||||