Tag
#xss
EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /admin/twitter.php?active_t.
Nukium nkmgls before version 3.0.2 is vulnerable to Cross Site Scripting (XSS) via NkmGlsCheckoutModuleFrontController::displayAjaxSavePhoneMobile.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew Muro Restrict Categories plugin <= 2.6.4 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajjad Hossain Sagor WP Edit Username plugin <= 1.0.5 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability (requires PHP 8.x) in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Feed plugin <= 2.2.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions.
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.