Cross-Site Scripting

The Stripe Green Downloads WordPress plugin version 2.03 contains a persistent cross-site scripting (XSS) vulnerability in button label fields. Attack...

Affiliate Pro 1.7 contains reflected cross-site scripting vulnerabilities in index module input fields (fullname, username, email). Attackers can inje...

PHP Melody 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can injec...

PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor's WYSIWYG component. Privileged users can inject malicious...

PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inje...

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers c...

Multiple payment terminal versions contain non-persistent cross-site scripting (XSS) vulnerabilities in billing and payment information input fields. ...

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows attackers to inject malicious scri...

This vulnerability allows attackers to perform reflected cross-site scripting (XSS) attacks against FortiDeceptor recovery endpoints. Attackers can in...