Export limit exceeded: 346642 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45585 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9371 | 2 Muffingroup, Wordpress | 2 Betheme, Wordpress | 2026-04-20 | 6.4 Medium |
| The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_title’ parameter in all versions up to, and including, 28.1.6 due to insufficient input sanitization and output escaping of theme breadcrumbs. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-13018 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-04-20 | 8.1 High |
| Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5. | ||||
| CVE-2025-6251 | 2 Wordpress, Wproyal | 2 Wordpress, Royal Elementor Addons And Templates | 2026-04-20 | 6.4 Medium |
| The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via $item['field_id'] in all versions up to, and including, 1.7.1036 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-7083 | 2 Email Encoder, Wordpress | 2 Email Encoder, Wordpress | 2026-04-20 | 3.5 Low |
| The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
| CVE-2026-40301 | 1 Rhukster | 1 Dom-sanitizer | 2026-04-20 | 4.7 Medium |
| DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize() allows <style> elements in SVG content but never inspects their text content. CSS url() references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to attacker-controlled hosts when the sanitized SVG is rendered. Version 1.0.10 fixes the issue. | ||||
| CVE-2026-40479 | 1 Kimai | 1 Kimai | 2026-04-20 | 5.4 Medium |
| Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml() function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype and rendered through innerHTML, this incomplete escaping allows HTML attribute injection. An authenticated user with ROLE_USER privileges can store a malicious alias that executes JavaScript in the browser of any administrator viewing the team form, resulting in stored XSS with privilege escalation. This issue has been fixed in version 2.53.0. | ||||
| CVE-2026-40283 | 1 Labredescefetrj | 1 Wegia | 2026-04-20 | 6.8 Medium |
| WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript via the "Nome" field in the "Informações Pacientes" page. The payload is stored and executed when the patient information is viewed. Version 3.6.10 fixes the issue. | ||||
| CVE-2026-33436 | 1 Stirlingpdf | 1 Stirling Pdf | 2026-04-20 | 3.1 Low |
| Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML using unsafe methods like innerHTML without sanitization. An attacker can craft a file with a malicious filename containing JavaScript that executes in the uploading user's browser context, resulting in reflected XSS. The issue affects numerous upload endpoints across the application. The issue has been fixed in version 2.0.0. | ||||
| CVE-2026-40282 | 1 Labredescefetrj | 1 Wegia | 2026-04-20 | N/A |
| WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the Intercorrências notification page, which is executed when user access the the page, enabling session hijacking and account takeover. Version 3.6.10 fixes the issue. | ||||
| CVE-2026-40286 | 1 Labredescefetrj | 1 Wegia | 2026-04-20 | 7.5 High |
| WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the 'Member Registration' (Cadastrar Sócio) function. By injecting a payload into the 'Member Name' (Nome Sócio) field, the script is persistently stored in the database. Consequently, the payload is executed whenever a user navigates to certain URL. Version 3.6.10 fixes the issue. | ||||
| CVE-2026-40284 | 1 Labredescefetrj | 1 Wegia | 2026-04-20 | 6.8 Medium |
| WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript via the "Destinatário" field. The payload is stored and later executed when viewing the dispatch page, impacting other users. Version 3.6.10 fixes the issue. | ||||
| CVE-2025-9163 | 2 Favethemes, Wordpress | 2 Houzez, Wordpress | 2026-04-20 | 6.1 Medium |
| The Houzez theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.1.6 due to insufficient input sanitization and output escaping in the houzez_property_img_upload() and houzez_property_attachment_upload() functions. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. | ||||
| CVE-2025-9488 | 1 Wordpress | 1 Wordpress | 2026-04-20 | 6.4 Medium |
| The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data’ parameter in all versions up to, and including, 4.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-8779 | 3 Elementor, Shamsbd71, Wordpress | 3 Elementor, All-in-one Addons For Elementor, Wordpress | 2026-04-20 | 6.4 Medium |
| The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team and Countdown widgets in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-8687 | 3 Elementor, Themelooks, Wordpress | 3 Elementor, Enter Addons, Wordpress | 2026-04-20 | 6.4 Medium |
| The Enter Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown and Image Comparison widgets in all versions up to, and including, 2.2.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-9856 | 2 Popup Builder, Wordpress | 2 Popup Builder, Wordpress | 2026-04-20 | 6.4 Medium |
| The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sg_popup' shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-40892 | 2 Nozomi Networks, Nozominetworks | 4 Cmc, Guardian, Cmc and 1 more | 2026-04-20 | 8.9 High |
| A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing a JavaScript payload, or a victim can be socially engineered to import a malicious report template. When the victim views or imports the report, the XSS executes in their browser context, allowing the attacker to perform unauthorized actions as the victim, such as modify application data, disrupt application availability, and access limited sensitive information. | ||||
| CVE-2025-15056 | 1 Slab | 1 Quill | 2026-04-20 | 6.1 Medium |
| A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting (XSS). This issue affects Quill: 2.0.3. | ||||
| CVE-2026-40483 | 1 Churchcrm | 1 Churchcrm | 2026-04-20 | 5.4 Medium |
| ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the Pledge Editor renders donation comment values directly into HTML input value attributes without escaping via htmlspecialchars(). An authenticated user with Finance permissions can inject HTML attribute-breaking characters and event handlers into the comment field, which are stored in the database and execute in the browser of any user who subsequently opens the pledge record for editing, resulting in stored XSS. This issue has been fixed in version 7.2.0. | ||||
| CVE-2026-40593 | 1 Churchcrm | 1 Churchcrm | 2026-04-20 | 4.8 Medium |
| ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the User Editor (UserEditor.php) renders stored usernames directly into an HTML input value attribute without applying htmlspecialchars(). An administrator can save a username containing HTML attribute-breaking characters and event handlers, which execute in the browser of any administrator who subsequently views that user's editor page, resulting in stored XSS. This issue has been fixed in version 7.2.0. | ||||