#xss

A stored cross-site scripting (XSS) vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RexTheme Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD plugin <= 3.1.5 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PB SEO Friendly Images plugin <= 4.0.5 versions.

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Eirudo Simple YouTube Responsive plugin <= 2.5 versions.

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field.

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin <= 2.0.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 9seeds.Com CPT – Speakers plugin <= 1.1 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Catch Themes Darcie theme <= 1.1.5 versions.