Export limit exceeded: 47124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47124 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56043 | 2 Cusrev, Wordpress | 2 Customer Reviews For Woocommerce, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions. | ||||
| CVE-2026-57617 | 2 Seedprod Llc, Wordpress | 2 Seedprod Pro, Wordpress | 2026-06-26 | 6.5 Medium |
| Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions. | ||||
| CVE-2026-56072 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions. | ||||
| CVE-2026-57312 | 2 Wordpress, Wpeverest | 2 Wordpress, Everest Forms | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions. | ||||
| CVE-2026-57313 | 2 Surecart, Wordpress | 2 Surecart, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in SureCart <= 4.2.2 versions. | ||||
| CVE-2026-57317 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.12.2 versions. | ||||
| CVE-2026-57319 | 2 Realmag777, Wordpress | 2 Fox, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions. | ||||
| CVE-2026-56044 | 2 Adenion, Wordpress | 2 Blog2social, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Blog2Social <= 8.9.2 versions. | ||||
| CVE-2026-56045 | 2 Valvepress, Wordpress | 2 Automatic, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions. | ||||
| CVE-2026-54013 | 1 Open-webui | 1 Open-webui | 2026-06-26 | 7.6 High |
| Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no validate_profile_image_url field validator, and the model image serving endpoint has no MIME allowlist or nosniff header. Any authenticated user with workspace.models permission (enabled by default) can store a data:image/svg+xml;base64,... payload in a model's profile image and achieve full account takeover of anyone who navigates to the image URL. This vulnerability is fixed in 0.9.6. | ||||
| CVE-2026-56011 | 2 Chrisrichardson, Wordpress | 2 Mappress Maps For Wordpress, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions. | ||||
| CVE-2026-54070 | 1 Siyuan | 1 Siyuan | 2026-06-26 | 7.1 High |
| SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitize(true). The lute sanitizer is an event-handler blocklist: allowAttr rejects only attribute names present in a fixed eventAttrs map copied from the w3schools legacy handler list. That map omits modern event handlers. onpointerover, onpointerdown, onauxclick, onbeforetoggle, onfocusin, onanimationstart, and ontransitionend are not in the list, so the sanitizer passes them through verbatim on any tag. The frontend assigns the rendered HTML to mdElement.innerHTML in app/src/config/bazaar.ts with no client-side DOMPurify on this path, into a normal element in the main document (no iframe, no sandbox). The kernel sends no Content-Security-Policy, X-Frame-Options, or X-Content-Type-Options header on any response, so an inline handler runs when its event fires. The README is rendered when an Administrator opens a package in Settings → Marketplace, after the one-time marketplace trust consent. Install is not required. Result: a third-party Bazaar package author runs JavaScript in the Administrator's authenticated SiYuan origin when the Administrator views and interacts with the package listing, and gains full control of the workspace. This vulnerability is fixed in 3.7.0. | ||||
| CVE-2026-50745 | 1 Revive | 1 Adserver | 2026-06-26 | N/A |
| A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping. | ||||
| CVE-2026-50742 | 1 Revive | 1 Adserver | 2026-06-26 | N/A |
| A stored XSS vulnerabilities exists in the `maintenance-acl-check.php` and `maintenance-banners-check.php` tools of Revive Adserver 6.0.7. The issue was caused by entity names being displayed without proper escaping when inconsistencies were detected. Whether the XSS payload is executed when an administrator uses the affected maintenance tools is not entirely under the attacker's control. | ||||
| CVE-2026-8661 | 1 Rapid7 | 1 Insightconnect Markdown Plugin | 2026-06-26 | 4.8 Medium |
| Server-Side Cross-Site Scripting and Server-Side Request Forgery vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin version 3.1.4 and earlier on Linux allows remote attackers to execute JavaScript server-side and make arbitrary outbound HTTP requests via crafted content embedded in Markdown input. The PDF rendering engine does not restrict script execution or outbound network access. | ||||
| CVE-2026-50876 | 1 Deck9 | 1 Deck9 Input | 2026-06-26 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in Deck9 Input v2.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2026-50883 | 1 Matze | 1 Wastebin | 2026-06-26 | 9.6 Critical |
| An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload. | ||||
| CVE-2016-20066 | 2 Dwbooster, Wordpress | 2 Cp Polls, Wordpress | 2026-06-26 | 7.2 High |
| WordPress CP Polls 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unsanitized file upload functionality. Attackers can upload files containing script payloads with event handlers like onerror attributes to execute arbitrary JavaScript in the browsers of users viewing the affected content. | ||||
| CVE-2016-20070 | 2 Dwbooster, Wordpress | 2 Booking Calendar Contact Form, Wordpress | 2026-06-26 | 6.4 Medium |
| WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers. | ||||
| CVE-2026-49055 | 2 Glen Don Mongaya, Wordpress | 2 Drag And Drop Multiple File Upload – Contact Form 7, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.7 versions. | ||||