Latest CVE Feed
-
5.9
MEDIUMCVE-2025-53469
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mortgage Calculator BMI Adult & Kid Calculator allows Stored XSS. This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.2.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58983
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Lissa Include Me allows Stored XSS. This issue affects Include Me: from n/a through 1.3.2.... Read more
Affected Products : include_me- Published: Sep. 09, 2025
- Modified: Sep. 11, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-59154
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire’s SASL EXTERNAL mechanism for client TLS authentication contains a vulnerability in how it extracts user identities from X.509 certificates. Instead of parsing the structur... Read more
Affected Products : openfire- Published: Sep. 15, 2025
- Modified: Sep. 16, 2025
- Vuln Type: Authentication
-
5.9
MEDIUMCVE-2025-58655
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mattia Roccoberton Category Featured Images allows Stored XSS. This issue affects Category Featured Images: from n/a through 1.1.8.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-8869
When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities t... Read more
Affected Products :- Published: Sep. 24, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Supply Chain
-
5.9
MEDIUMCVE-2025-53466
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Better Find and Replace allows Stored XSS. This issue affects Better Find and Replace: from n/a through 1.7.6.... Read more
Affected Products : better_find_and_replace- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58646
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chtombleson Mobi2Go allows Stored XSS. This issue affects Mobi2Go: from n/a through 1.0.0.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58883
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Harris Search Cloud One allows Stored XSS. This issue affects Search Cloud One: from n/a through 2.2.5.... Read more
Affected Products :- Published: Sep. 05, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58271
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AnyClip Video Platform AnyClip Luminous Studio allows Stored XSS. This issue affects AnyClip Luminous Studio: from n/a through 1.3.3.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-59590
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media Library Assistant allows Stored XSS. This issue affects Media Library Assistant: from n/a through 3.28.... Read more
Affected Products : media_library_assistant- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-57959
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tmatsuur Slightly troublesome permalink allows Stored XSS. This issue affects Slightly troublesome permalink: from n/a through 1.2.0.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-57908
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProWCPlugins Product Time Countdown for WooCommerce allows Stored XSS. This issue affects Product Time Countdown for WooCommerce: from n/a through 1.6.4.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58674
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that... Read more
Affected Products :- Published: Sep. 23, 2025
- Modified: Sep. 24, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58791
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arjan Olsder SEO Auto Linker allows Stored XSS. This issue affects SEO Auto Linker: from n/a through 1.5.3.... Read more
Affected Products :- Published: Sep. 05, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58645
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravitate Gravitate Automated Tester allows Stored XSS. This issue affects Gravitate Automated Tester: from n/a through 1.4.5.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58223
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Taylor VoucherPress allows Stored XSS. This issue affects VoucherPress: from n/a through 1.5.7.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58669
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modern Minds Magento 2 WordPress Integration allows Stored XSS. This issue affects Magento 2 WordPress Integration: from n/a through 1.4.1.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-57903
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPSuperiors Developer WooCommerce Additional Fees On Checkout (Free) allows Stored XSS. This issue affects WooCommerce Additional Fees On Checkout (Free)... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-58596
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in properfraction MailOptin allows Stored XSS. This issue affects MailOptin: from n/a through 1.2.75.0.... Read more
Affected Products : mailoptin- Published: Sep. 03, 2025
- Modified: Sep. 04, 2025
- Vuln Type: Cross-Site Scripting
-
5.9
MEDIUMCVE-2025-57904
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-EXPERTS.IN Sales Count Manager for WooCommerce allows Stored XSS. This issue affects Sales Count Manager for WooCommerce: from n/a through 2.5.... Read more
Affected Products :- Published: Sep. 22, 2025
- Modified: Sep. 22, 2025
- Vuln Type: Cross-Site Scripting