Skip to main content
CVE-2025-67620 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CleverSoft Anon anon2x allows Reflected XSS.This issue affects Anon: from n/a through <= 2.2.10. [CVSS 7.1 HIGH]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-67614 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheNa thena allows Reflected XSS.This issue affects TheNa: from n/a through <= 1.5.5. [CVSS 7.1 HIGH]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-69317 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through < 2.4.6. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-69316 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through <= 1.0.4.2. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-69098 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWave Hide My WP hide_my_wp allows Reflected XSS.This issue affects Hide My WP: from n/a through <= 6.2.12. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-53240 HIGH This Week

adamlabs WordPress Photo Gallery photo-gallery-portfolio is affected by cross-site scripting (xss) (CVSS 6.1).

WordPress XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-52762 HIGH This Week

flexostudio flexo-posts-manager flexo-posts-manager is affected by cross-site scripting (xss) (CVSS 6.1).

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-52746 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ayecode Restaurante restaurante allows Reflected XSS.This issue affects Restaurante: from n/a through <= 3.0.7. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-50006 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-49249 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Drone drone allows Reflected XSS.This issue affects Drone: from n/a through <= 1.40. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-49066 HIGH This Week

LambertGroup Accordion Slider PRO accordion_slider_pro is affected by cross-site scripting (xss) (CVSS 6.1).

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-49046 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup xPromoter top_bar_promoter allows Reflected XSS.This issue affects xPromoter: from n/a through <= 1.3.4. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-49045 HIGH This Week

highwarden Super Interactive Maps super-interactive-maps is affected by cross-site scripting (xss) (CVSS 6.1).

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-49043 HIGH This Week

LambertGroup Magic Responsive Slider and Carousel WordPress magic_carousel is affected by cross-site scripting (xss) (CVSS 6.1).

WordPress XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-48094 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Magic Slider magic_slider allows Reflected XSS.This issue affects Magic Slider: from n/a through <= 2.2. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-47666 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-32123 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through <= 5.3.5. [CVSS 6.1 MEDIUM]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-27005 HIGH This Week

LambertGroup HTML5 Video Player lbg-vp2-html5-bottom is affected by cross-site scripting (xss) (CVSS 6.1).

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-69321 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through <= 3.5.5. [CVSS 7.1 HIGH]

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-22355 HIGH This Week

gregmolnar Simple XML Sitemap simple-xml-sitemap is affected by cross-site request forgery (csrf) (CVSS 7.1).

CSRF
NVD
CVSS 3.1
7.1
EPSS
0.0%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy