Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TRe Technology And Research S.r.l. HQ60 Fidelity Card hq60-fidelity-card allows Reflected XSS.This issue affects HQ60 Fidelity Card: from n/a through <= 1.8.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techdabang User Password Reset user-password-reset allows Reflected XSS.This issue affects User Password Reset: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Twitter real time search scrolling twitter-real-time-search-scrolling allows Reflected XSS.This issue affects Twitter real time search scrolling: from n/a through <= 7.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perception System System Pvt. Ltd. Ajax Content Filter ajax-content-filter allows Reflected XSS.This issue affects Ajax Content Filter: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arsdehnel Simple Modal simplemodal allows Cross-Site Scripting (XSS).This issue affects Simple Modal: from n/a through <= 0.3.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roman Peterhans Simplistic SEO simplistic-seo allows Reflected XSS.This issue affects Simplistic SEO: from n/a through <= 2.3.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detlef Beyer SVT Simple svt-simple allows Reflected XSS.This issue affects SVT Simple: from n/a through <= 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ristretto Apps Dashing Memberships dashing-memberships allows Reflected XSS.This issue affects Dashing Memberships: from n/a through <= 1.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackgilbert WPHelpful wphelpful allows Stored XSS.This issue affects WPHelpful: from n/a through <= 1.2.4.

The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets/content-reveal.php. This makes it possible for authenticated attackers, with Contributor-level acce…