ReportizFlow
Filtered by vendor
Subscriptions
Total
526 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59854 | 2026-05-06 | 3.1 Low | ||
| HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a robust Content Security Policy (CSP). | ||||
| CVE-2026-39712 | 2 Tagdiv, Wordpress | 2 Tagdiv Composer, Wordpress | 2026-04-29 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through <= 5.4.3. | ||||
| CVE-2026-39628 | 2 Kutethemes, Wordpress | 2 Dukamarket, Wordpress | 2026-04-29 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <= 1.3.0. | ||||
| CVE-2026-39626 | 2 Kutethemes, Wordpress | 2 Armania, Wordpress | 2026-04-29 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8. | ||||
| CVE-2025-31384 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5. | ||||
| CVE-2023-47869 | 1 Gvectors | 1 Wpforo Forum | 2026-04-28 | 4.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Code Injection.This issue affects wpForo Forum: from n/a through 2.2.5. | ||||
| CVE-2024-4214 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 2.7 Low |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Bill Minozzi Car Dealer allows Code Injection.This issue affects Car Dealer: from n/a through 4.15. | ||||
| CVE-2024-23522 | 1 Strategy11 | 1 Formidable Forms | 2026-04-28 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7. | ||||
| CVE-2023-49852 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4. | ||||
| CVE-2023-48763 | 2 Crocoblock, Wordpress | 2 Jetformbuilder, Wordpress | 2026-04-28 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4. | ||||
| CVE-2023-46310 | 1 Gvectors | 1 Wpdiscuz | 2026-04-28 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10. | ||||
| CVE-2023-45635 | 2026-04-28 | 5.4 Medium | ||
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6. | ||||
| CVE-2023-45053 | 2026-04-28 | 4.3 Medium | ||
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in pluginever WP Content Pilot – Autoblogging & Affiliate Marketing Plugin allows Code Injection.This issue affects WP Content Pilot – Autoblogging & Affiliate Marketing Plugin: from n/a through 1.3.3. | ||||
| CVE-2022-38055 | 1 Gvectors | 1 Wpforo Forum | 2026-04-28 | 4.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Content Spoofing.This issue affects wpForo Forum: from n/a through 2.0.9. | ||||
| CVE-2026-28132 | 2 Villatheme, Wordpress | 2 Woocommerce Photo Reviews, Wordpress | 2026-04-28 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4. | ||||
| CVE-2025-49398 | 2 Easy-appointments, Wordpress | 2 Easy Appointments, Wordpress | 2026-04-27 | 6.5 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through <= 3.12.14. | ||||
| CVE-2025-47600 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-04-27 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in xtemos WoodMart woodmart allows Code Injection.This issue affects WoodMart: from n/a through <= 8.3.7. | ||||
| CVE-2023-5933 | 1 Gitlab | 1 Gitlab | 2026-04-25 | 6.4 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests. | ||||
| CVE-2025-64225 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in colabrio Stockie Extra stockie-extra allows Code Injection.This issue affects Stockie Extra: from n/a through <= 1.2.11. | ||||
| CVE-2025-69169 | 2 Noor Alam, Wordpress | 2 Easy Media Download, Wordpress | 2026-04-24 | 5.4 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Noor Alam Easy Media Download easy-media-download allows Reflection Injection.This issue affects Easy Media Download: from n/a through <= 1.1.11. | ||||