CWE-82— Improper Neutralization of Script in Attributes of IMG Tags
7 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-82page 1 of 1
- CVE-2023-30963MEDIUMCVSS 5.4EG 5.42023-07-10
A security defect was discovered in Foundry Frontend which enabled users to perform Stored XSS attacks in Slate if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0. The service was ro…
- CVE-2024-48042CRITICALCVSS 9.1EG 9.12024-10-16
Deserialization of Untrusted Data vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through <= 1.7.28.
- CVE-2024-49271CRITICALCVSS 9.1EG 9.12024-10-16
Deserialization of Untrusted Data vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor allows Command Injection.This issue affects Unlimited Elements For El…
- CVE-2024-52393CRITICALCVSS 9.1EG 9.12024-11-14
Deserialization of Untrusted Data vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress.This issue affects Podlove Podcast Publisher: from n/a through <= 4.1.15.
- CVE-2024-52427CRITICALCVSS 9.9EG 9.92024-11-18
Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a thro…
- CVE-2024-52434CRITICALCVSS 9.1EG 9.12024-11-18
Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29.
- CVE-2025-53194HIGHCVSS 8.5EG 8.52025-08-20
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Code Injection.This issue affects JetEngine: from n/a through <= 3.7.0.
Map vulnerabilities like CWE-82 to your infrastructure
EchelonGraph correlates every CVE — across CWE-82 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →