Search Results (47054 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-13499 1 Yashpokharna2555 1 Restaurent-management-system 2026-06-29 4.3 Medium
A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file login_register.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
CVE-2026-12399 2 Jegstudio, Wordpress 2 Gutenverse – Wordpress Blocks, Page Builder & Site Editor, Wordpress 2026-06-29 4.4 Medium
The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
CVE-2026-13295 2 Gpriday, Wordpress 2 Page Builder By Siteorigin, Wordpress 2026-06-29 6.4 Medium
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via panels_data Parameter in all versions up to, and including, 2.34.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is possible because the nonce and edit_post capability checks enforced during save are both satisfied by Contributor-level users for their own posts, and the panels_data value is stored as post meta — outside the scope of WordPress's unfiltered_html carve-out — meaning no wp_kses fallback prevents the unsanitized WP_Widget_Custom_HTML content from being persisted and later rendered verbatim on the frontend.
CVE-2026-48940 1 Getk2 1 K2 Extension For Joomla 2026-06-28 3.4 Low
A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page.
CVE-2026-48942 1 Getk2 1 K2 Extension For Joomla 2026-06-28 6.1 Medium
K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.
CVE-2026-44696 1 Opf 1 Openproject 2026-06-27 5.7 Medium
OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text (markdown) rendering pipeline uses Sanitize::Config::RELAXED[:css] for inline style sanitization. This configuration permits essentially all CSS properties in style attributes on permitted HTML elements (figure, img, table, th, tr, td). This allows any authenticated user with write access to formattable text fields (work package descriptions, comments, project descriptions, news) to inject CSS This vulnerability is fixed in 17.4.0.
CVE-2026-13083 1 Redhat 1 Pdrive Lightspeed 2026-06-27 6.9 Medium
A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects (such as ClusterVersion spec.channel) that executes in the browser of any user who opens the generated HTML report.
CVE-2020-37256 1 Getgrav 1 Grav-plugin-admin 2026-06-27 5.4 Medium
Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access.
CVE-2026-57322 2 Wedevs, Wordpress 2 Wemail, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in weMail <= 2.1.2 versions.
CVE-2026-57650 2 Blockart, Wordpress 2 Magazine Blocks, Wordpress 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in Magazine Blocks <= 1.8.3 versions.
CVE-2026-56043 2 Cusrev, Wordpress 2 Customer Reviews For Woocommerce, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions.
CVE-2026-57617 2 Seedprod Llc, Wordpress 2 Seedprod Pro, Wordpress 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions.
CVE-2026-56072 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions.
CVE-2026-57312 2 Wordpress, Wpeverest 2 Wordpress, Everest Forms 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions.
CVE-2026-57313 2 Surecart, Wordpress 2 Surecart, Wordpress 2026-06-26 6.5 Medium
Subscriber Cross Site Scripting (XSS) in SureCart <= 4.2.2 versions.
CVE-2026-57317 2 Nsquared, Wordpress 2 Simply Schedule Appointments, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.12.2 versions.
CVE-2026-57319 2 Realmag777, Wordpress 2 Fox, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions.
CVE-2026-56044 2 Adenion, Wordpress 2 Blog2social, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Blog2Social <= 8.9.2 versions.
CVE-2026-56045 2 Valvepress, Wordpress 2 Automatic, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions.
CVE-2026-54013 1 Open-webui 1 Open-webui 2026-06-26 7.6 High
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no validate_profile_image_url field validator, and the model image serving endpoint has no MIME allowlist or nosniff header. Any authenticated user with workspace.models permission (enabled by default) can store a data:image/svg+xml;base64,... payload in a model's profile image and achieve full account takeover of anyone who navigates to the image URL. This vulnerability is fixed in 0.9.6.