An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, l...

No fix

Jan 15, 2026

CVE-2026-22913

MEDIUM

Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login

No fix

Jan 15, 2026

CVE-2025-14448

MEDIUM

WP-Members Membership Plugin <= 3.5.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Checkbox and Multiple Select User Pr...

No fix

Jan 15, 2026

CVE-2026-0601

MEDIUM

Nexus Repository 3 - Cross-Site Scripting

No fix

Jan 14, 2026

CVE-2025-11224

HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

No fix

Jan 14, 2026

CVE-2025-14557

MEDIUM

XSS in Drupal 7 Facebook Pixel Module

No fix

Jan 14, 2026

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2021-47808

HIGH

Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting

No fix

Jan 15, 2026

CVE-2021-47779

HIGH

Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation

No fix

Jan 15, 2026

CVE-2026-1011

HIGH

Stored Cross-Site Scripting in Altium Support Center Comment Endpoint

No fix

Jan 15, 2026

CVE-2026-1010

HIGH

Stored Cross-Site Scripting in Altium Workflow Engine Allows Privilege Escalation

No fix

Jan 15, 2026

CVE-2026-1009

CRITICAL

Stored Cross-Site Scripting in Altium Forum Leading to Cross-Customer Data Exposure

No fix

Jan 15, 2026

CVE-2026-1008

MEDIUM

Stored Cross-Site Scripting in Altium 365 User Profile Fields

No fix

Jan 15, 2026

CVE-2025-15265

MEDIUM

Svelte 5.46.0 - Hydratable Key Script-Breakout XSS (SSR)

No fix

Jan 15, 2026

CVE-2026-20075

MEDIUM

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability

No fix

Jan 15, 2026

CVE-2026-20076

MEDIUM

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

No fix

Jan 15, 2026

CVE-2026-22867

HIGH

LaSuite Doc affected by Stored XSS via Interlinking Block

No fix

Jan 15, 2026

CVE-2021-47843

HIGH

Tagstoo 2.0.1 - Stored XSS to RCE

No fix

Jan 15, 2026

CVE-2021-47769

HIGH

Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)

No fix

Jan 15, 2026

CVE-2021-47768

MEDIUM

ImportExportTools NG 10.0.4 - HTML Injection

No fix

Jan 15, 2026

CVE-2026-22637

MEDIUM

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability

No fix

Jan 15, 2026

CVE-2026-22919

LOW

An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, l...

No fix

Jan 15, 2026

CVE-2026-22913

MEDIUM

Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login

No fix

Jan 15, 2026

CVE-2025-14448

MEDIUM

WP-Members Membership Plugin <= 3.5.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Checkbox and Multiple Select User Pr...

No fix

Jan 15, 2026

CVE-2026-0601

MEDIUM

Nexus Repository 3 - Cross-Site Scripting

No fix

Jan 14, 2026

CVE-2025-11224

HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

No fix

Jan 14, 2026

CVE-2025-14557

MEDIUM

XSS in Drupal 7 Facebook Pixel Module

No fix

Jan 14, 2026

Showing 1 - 20 of 1,000+ results

...