Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-50742 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50742)
cross-site scripting in revive-adserver (CVE-2026-50742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8661 |
|
Cross-Site Scripting (XSS) in CVE-2026-8661 (CVE-2026-8661)
cross-site scripting in CVE-2026-8661 (CVE-2026-8661). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50740 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50740)
cross-site scripting in revive-adserver (CVE-2026-50740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13083 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2026-13083)
cross-site scripting in redhat (CVE-2026-13083). Confidential information can be exposed externally.
|
| CVE-2020-37256 |
|
Cross-Site Scripting (XSS) in getgrav (CVE-2020-37256)
cross-site scripting in getgrav (CVE-2020-37256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9086 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2026-9086)
cross-site scripting in redhat (CVE-2026-9086). Confidential information can be exposed externally.
|
| CVE-2026-48942 |
|
Cross-Site Scripting (XSS) in joomlaworks (CVE-2026-48942)
cross-site scripting in joomlaworks (CVE-2026-48942). Risk of unauthorized operations or information disclosure. Exploitable via ``src``.
|
| CVE-2026-48940 |
|
Cross-Site Scripting (XSS) in joomlaworks (CVE-2026-48940)
cross-site scripting in joomlaworks (CVE-2026-48940). Risk of unauthorized operations or information disclosure. Exploitable via ``embedVideo``.
|
| CVE-2026-54025 |
|
Cross-Site Scripting (XSS) in librechat (CVE-2026-54025)
cross-site scripting in librechat (CVE-2026-54025). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-56071 |
|
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
|
| CVE-2026-56051 |
|
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
|
| CVE-2026-56005 |
|
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
|
| CVE-2026-56014 |
|
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
|
| CVE-2026-56042 |
|
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
|
| CVE-2026-56006 |
|
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
|
| CVE-2026-10712 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-10712)
cross-site scripting in gitlab (CVE-2026-10712). Confidential information can be exposed externally.
|
| CVE-2026-10086 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-10086)
cross-site scripting in gitlab (CVE-2026-10086). Confidential information can be exposed externally.
|
| CVE-2026-10833 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10833)
cross-site scripting in wordpress (CVE-2026-10833). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9780 |
|
Cross-Site Scripting (XSS) in quest (CVE-2026-9780)
cross-site scripting in quest (CVE-2026-9780). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7569 |
|
Cross-Site Scripting (XSS) in quest (CVE-2026-7569)
cross-site scripting in quest (CVE-2026-7569). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39900 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2026-39900)
cross-site scripting in cacti (CVE-2026-39900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55570 |
|
Cross-Site Scripting (XSS) in CVE-2026-55570 (CVE-2026-55570)
cross-site scripting in CVE-2026-55570 (CVE-2026-55570). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54158 |
|
Cross-Site Scripting (XSS) in CVE-2026-54158 (CVE-2026-54158)
cross-site scripting in CVE-2026-54158 (CVE-2026-54158). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54070 |
|
Cross-Site Scripting (XSS) in CVE-2026-54070 (CVE-2026-54070)
cross-site scripting in CVE-2026-54070 (CVE-2026-54070). Confidential information can be exposed externally. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54759 |
|
Cross-Site Scripting (XSS) in CVE-2026-54759 (CVE-2026-54759)
cross-site scripting in CVE-2026-54759 (CVE-2026-54759). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54067 |
|
Cross-Site Scripting (XSS) in CVE-2026-54067 (CVE-2026-54067)
cross-site scripting in CVE-2026-54067 (CVE-2026-54067). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-50551 |
|
Cross-Site Scripting (XSS) in CVE-2026-50551 (CVE-2026-50551)
cross-site scripting in CVE-2026-50551 (CVE-2026-50551). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-39897 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2026-39897)
cross-site scripting in cacti (CVE-2026-39897). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11998 |
|
Vulnerability in CVE-2026-11998 (CVE-2026-11998)
vulnerability in CVE-2026-11998 (CVE-2026-11998). Confidential information can be exposed externally.
|
| CVE-2026-47733 |
|
Cross-Site Scripting (XSS) in CVE-2026-47733 (CVE-2026-47733)
cross-site scripting in CVE-2026-47733 (CVE-2026-47733). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.5.0` or later.
|
| CVE-2026-53950 |
|
Cross-Site Scripting (XSS) in CVE-2026-53950 (CVE-2026-53950)
cross-site scripting in CVE-2026-53950 (CVE-2026-53950). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.1.0` or later.
|
| CVE-2026-49220 |
|
Cross-Site Scripting (XSS) in CVE-2026-49220 (CVE-2026-49220)
cross-site scripting in CVE-2026-49220 (CVE-2026-49220). Confidential information can be exposed externally. Mitigation: upgrade to `10.11.9` or later.
|
| CVE-2026-50701 |
|
Cross-Site Scripting (XSS) in CVE-2026-50701 (CVE-2026-50701)
cross-site scripting in CVE-2026-50701 (CVE-2026-50701). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50703 |
|
Cross-Site Scripting (XSS) in CVE-2026-50703 (CVE-2026-50703)
cross-site scripting in CVE-2026-50703 (CVE-2026-50703). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50704 |
|
Cross-Site Scripting (XSS) in CVE-2026-50704 (CVE-2026-50704)
cross-site scripting in CVE-2026-50704 (CVE-2026-50704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50710 |
|
Cross-Site Scripting (XSS) in CVE-2026-50710 (CVE-2026-50710)
cross-site scripting in CVE-2026-50710 (CVE-2026-50710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50712 |
|
Cross-Site Scripting (XSS) in CVE-2026-50712 (CVE-2026-50712)
cross-site scripting in CVE-2026-50712 (CVE-2026-50712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50711 |
|
Cross-Site Scripting (XSS) in CVE-2026-50711 (CVE-2026-50711)
cross-site scripting in CVE-2026-50711 (CVE-2026-50711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50705 |
|
Cross-Site Scripting (XSS) in CVE-2026-50705 (CVE-2026-50705)
cross-site scripting in CVE-2026-50705 (CVE-2026-50705). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50709 |
|
Cross-Site Scripting (XSS) in CVE-2026-50709 (CVE-2026-50709)
cross-site scripting in CVE-2026-50709 (CVE-2026-50709). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50708 |
|
Cross-Site Scripting (XSS) in CVE-2026-50708 (CVE-2026-50708)
cross-site scripting in CVE-2026-50708 (CVE-2026-50708). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50700 |
|
Cross-Site Scripting (XSS) in CVE-2026-50700 (CVE-2026-50700)
cross-site scripting in CVE-2026-50700 (CVE-2026-50700). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11878 |
|
Cross-Site Scripting (XSS) in microfocus (CVE-2026-11878)
cross-site scripting in microfocus (CVE-2026-11878). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50698 |
|
Cross-Site Scripting (XSS) in CVE-2026-50698 (CVE-2026-50698)
cross-site scripting in CVE-2026-50698 (CVE-2026-50698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50699 |
|
Cross-Site Scripting (XSS) in CVE-2026-50699 (CVE-2026-50699)
cross-site scripting in CVE-2026-50699 (CVE-2026-50699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13140 |
|
Cross-Site Scripting (XSS) in CVE-2026-13140 (CVE-2026-13140)
cross-site scripting in CVE-2026-13140 (CVE-2026-13140). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9643 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
|
| CVE-2026-9620 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9620)
cross-site scripting in wordpress (CVE-2026-9620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8896 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8896)
cross-site scripting in wordpress (CVE-2026-8896). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8628 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8628)
cross-site scripting in wordpress (CVE-2026-8628). Risk of unauthorized operations or information disclosure.
|