CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

44,966 vulnerabilities with CWE-79
CVE-2025-40701 MEDIUM
SOTESHOP 8.3.4 - Reflected Cross-Site Scripting via 'id' Parameter in /adsTracker/checkAds
CVE-2025-62326 MEDIUM
HCL Digital Experience - Authenticated Stored Cross-Site Scripting in Administrative User Interface
CVSS 6.1
CVE-2025-15583 LOW
detronetdip E-commerce 1.0.0 - Cross-Site Scripting via get_safe_value Function
CVSS 3.5
CVE-2025-69392 HIGH
iMoney <= 0.36 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69391 HIGH
GT3themes Diamond <= 2.4.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69390 HIGH
Business Template Blocks for WPBakery <=1.3.2 - XSS
CVSS 7.1
CVE-2025-69389 HIGH
Visitor Maps Extended Referer Field <=1.2.6 - XSS
CVSS 7.1
CVE-2025-69386 HIGH
RVCFDI para Woocommerce <=8.1.8 - XSS
CVSS 7.1
CVE-2025-69384 HIGH
Timeline Event History <= 3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69368 HIGH
GT3themes SOHO - Photography WordPress Theme <=3.0.3 - XSS
CVSS 7.1
CVE-2025-69367 HIGH
GT3themes Oyster <=4.4.3 - DOM-Based XSS
CVSS 7.1
CVE-2025-69330 HIGH
Jthemes Prestige < 1.4.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69326 HIGH
Basix NEX-Forms <= 9.1.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69324 HIGH
Basix NEX-Forms <=9.1.7 - Stored XSS
CVSS 7.1
CVE-2025-69323 HIGH
Slimstat Analytics <= 5.3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69302 HIGH
DesignThemes Core Features <=2.3 - XSS
CVSS 7.1
CVE-2025-69296 HIGH
GhostPool Aardvark <= 4.6.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-69011 MEDIUM
Cool Tag Cloud <= 2.29 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68880 HIGH
Simple Archive Generator <=5.2 - XSS
CVSS 7.1
CVE-2025-68863 HIGH
iContact for Gravity Forms <=1.3.2 - XSS
CVSS 7.1
CVE-2025-68856 HIGH
Mopinion Feedback Form <=1.1.1 - XSS
CVSS 7.1
CVE-2025-68854 HIGH
ID Arrays <= 2.1.2 - DOM-Based Cross-Site Scripting
CVSS 7.1
CVE-2025-68852 HIGH
Court Reservation <= 1.10.13 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-68848 HIGH
amr cron manager <= 2.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-68847 HIGH
iSape <= 0.72 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 44,966
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits