Contact Privacy DMCA

Robuta
https://vulntitan.com/vulnerabilities/17065 CVE-2023-51403 Restaurant Reservations Stored XSS Fixed in 1.9 | VulnTitan CVE-2023-51403 Stored Cross-Site Scripting in Plugin Restaurant Reservations; affects Versions up to 1.8; fixed in 1.9; CVSS 6.4 medium severity. restaurant reservationsstored xss https://www.sentinelone.com/vulnerability-database/cve-2026-40282/ CVE-2026-40282: WeGIA Stored XSS Vulnerability CVE-2026-40282 is a stored cross-site scripting vulnerability in WeGIA. Learn about its impact, affected versions, and mitigation methods. stored xsscvevulnerability https://bugemot.com/en/bug/252 Stored XSS on registration - BUG-252 - BUGemot Stored XSS on registration stored xssregistrationbug https://klikki.fi/mainwp-admin-panel-unauthenticated-stored-xss/ MainWP admin panel unauthenticated stored XSS | Klikki Feb 3, 2023 - MainWP is a WordPress remote administration plugin. Missing authorization checks on a setup panel allowed unauthenticated attackers to modify some of the... admin panelstored xssmainwp https://www.vulncheck.com/advisories/checkmk-stored-cross-site-scripting-in-dashlet-title Checkmk Stored XSS in Dashlet Title | Advisories | VulnCheck stored xsscheckmktitleadvisoriesvulncheck https://cvefeed.io/vuln/detail/CVE-2022-40778 CVE-2022-40778 - "OPSWAT MetaDefender ICAP Server Stored XSS Vulnerability" Nov 21, 2024 - A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML... opswat metadefenderstored xsscveicapserver https://www.sentinelone.com/vulnerability-database/cve-2026-39328/ CVE-2026-39328: ChurchCRM Stored XSS Vulnerability CVE-2026-39328 is a stored cross-site scripting vulnerability in ChurchCRM. Learn about its impact, affected versions, and mitigation methods. stored xsscvevulnerability https://www.exploit-db.com/exploits/51979 HTMLy Version v2.9.6 - Stored XSS - PHP webapps Exploit Apr 12, 2024 - HTMLy Version v2.9.6 - Stored XSS.. webapps exploit for PHP platform stored xsshtmlyversionphpwebapps https://developer.joomla.org/security-centre/760-00190101-core-stored-xss-in-mod-banners.html [20190101] - Core - Stored XSS in mod_banners stored xsscoremodbanners https://www.clouddefense.ai/cve/2022/CVE-2022-21662 CVE-2022-21662: Stored XSS in WordPress - Impact, Vulnerability, and Prevention Discover the Stored XSS vulnerability in WordPress versions prior to 5.8.3. Learn about the impact, affected systems, exploitation mechanism, and mitigation... stored xsscve https://www.sentinelone.com/vulnerability-database/cve-2026-39708/ CVE-2026-39708: UiCore Elements Stored XSS Vulnerability CVE-2026-39708 is a stored XSS vulnerability in UiCore Elements plugin. Learn about its impact, affected versions, and mitigation methods. stored xsscveuicoreelementsvulnerability https://forum.epe.si/d/4973-stored-xss-in-epesi-3 Stored XSS in EPESI (3) - OLD Forum of Users and Developers of Epesi BIM OLD Forum of Users and Developers of Epesi BIM stored xssold forum https://www.miggo.io/vulnerability-database/cve/CVE-2022-34185 CVE-2022-34185: Jenkins Date Param Stored XSS | Miggo Jenkins Date Parameter Plugin stored XSS from unescaped name/description fields executes arbitrary scripts in browsers of users viewing parameter pages. stored xsscvejenkinsdateparam https://www.sentinelone.com/vulnerability-database/cve-2026-35534/ CVE-2026-35534: ChurchCRM Stored XSS Vulnerability CVE-2026-35534 is a stored cross-site scripting vulnerability in ChurchCRM. Learn about its impact, affected versions, and mitigation methods. stored xsscvevulnerability https://www.sentinelone.com/vulnerability-database/cve-2026-3007/ CVE-2026-3007: Koollab LMS Stored XSS Vulnerability CVE-2026-3007 is a stored XSS vulnerability in Koollab LMS. Learn about its impact, affected versions, and mitigation methods to secure your system. stored xsscvelmsvulnerability https://cryptocat.me/blog/ctf/2022/nahamcon/web/hacker_ts/ Stored XSS to Admin Endpoint Exfiltration | NahamCon CTF 2022: Hacker T's - CryptoCat's Blog Hacker T's web writeup from NahamCon CTF 2022. Exploit a stored XSS in custom t-shirt input to access the admin endpoint and exfiltrate the flag. https://advisories.gitlab.com/composer/concrete5/concrete5/CVE-2025-8573/ Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page | GitLab... CVE-2025-8573 Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page: Concrete CMS versions 9 through 9.4.2 are vulnerable to... https://advisories.gitlab.com/composer/gp247/core/CVE-2025-57407/ GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability | GitLab Advisory Database... CVE-2025-57407 GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability: A stored cross-site scripting (XSS) vulnerability in the Admin Log... https://nyambush.app/en/blog/wp-content-locking-xss CVE-2026-1320: Content Locking Plugin Stored XSS Feb 17, 2026 - Stored XSS in admin panel via X-Forwarded-For header injection. Session hijacking risk content lockingcvepluginstoredxss https://research.cleantalk.org/cve-2024-3288/ CVE-2024-3288 - Logo Slider by LogicHunt inc. - Stored XSS to Admin Account Creation (Contributor+)... Sep 12, 2024 - In the realm of web development, security vulnerabilities can have far-reaching impacts, potentially jeopardizing the integrity and safety of websites. One... https://cvereports.com/reports/CVE-2026-23891 CVE-2026-23891: CVE-2026-23891: Critical Stored Cross-Site Scripting (XSS) in Decidim User Profiles... Apr 13, 2026 - Daily high-severity CVE reports defined by AI. Comprehensive vulnerability analysis, attack flow diagrams, and remediation steps for security professionals. cross site scripting https://cvefeed.io/vuln/detail/CVE-2025-4984 CVE-2025-4984 - Stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City... Apr 15, 2026 - A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to... cross site scripting https://advisories.gitlab.com/golang/github.com/prometheus/prometheus/CVE-2026-40179/ Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and... CVE-2026-40179 Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer: Stored cross-site scripting... https://advisories.gitlab.com/composer/magento/community-edition/CVE-2025-24417/ Magento Stored Cross-Site Scripting (XSS) Vulnerability | GitLab Advisory Database (GLAD) CVE-2025-24417 Magento Stored Cross-Site Scripting (XSS) Vulnerability: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and... cross site scriptingmagentostored https://www.exploit-db.com/exploits/51955 Blood Bank v1.0 - Stored Cross Site Scripting (XSS) - PHP webapps Exploit Apr 2, 2024 - Blood Bank v1.0 - Stored Cross Site Scripting (XSS).. webapps exploit for PHP platform cross site scriptingblood bank https://advisories.gitlab.com/maven/io.jenkins.plugins/simple-queue/CVE-2024-54003/ Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability | GitLab Advisory... CVE-2024-54003 Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability: Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape... cross site scripting https://infinitsec.net/posts/cve-2024-7083-email-encoder-less-234-admin-stored-xss Report: CVE-2024-7083 - Email Encoder 2.3.4 - Admin+ Stored XSS - InfinitSec Apr 20, 2026 - CVE ID :CVE-2024-7083 Published : April 20, 2026, 7:16 a.m. | 1 hour, 34 minutes ago Description :The Email Encoder WordPress plugin before 2.3. https://advisories.gitlab.com/golang/github.com/j3ssie/osmedeus/CVE-2024-51735/ Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE | GitLab Advisory Database (GLAD) CVE-2024-51735 Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE: XSS occurs on the Osmedues web server when viewing results from the workflow,... https://www.nu11secur1ty.com/2024/01/phpj-callback-widget-10-xss-reflected.html PHPJ-Callback-Widget-1.0-XSS-Stored-admin-Hijacking callback widgetxssstoredadminhijacking https://research.cleantalk.org/cve-2025-3581/ CVE-2025-3581 - Newsletter - Stored XSS to JS Backdoor Creation - POC - Plugin Security... Jul 14, 2025 - The Newsletter plugin is a cornerstone of email marketing for WordPress, with over 300,000 active installations. It allows site owners to embed subscription... https://advisories.gitlab.com/composer/librenms/librenms/CVE-2025-55296/ LibreNMS allows stored XSS in Alert Template name field | GitLab Advisory Database (GLAD) https://cvefeed.io/vuln/detail/CVE-2022-1022 CVE-2022-1022 - Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot Nov 21, 2024 - Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0. cross site scriptingcvexssstoredchatwoot