CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

44,973 vulnerabilities with CWE-79
CVE-2025-62140 MEDIUM
Plainware Locatoraid Store Locator <3.9.65 - XSS
CVSS 5.9
CVE-2025-62124 MEDIUM
Soli WP Post Signature <0.4.1 - XSS
CVSS 5.9
CVE-2025-62121 MEDIUM
Imran Emu Logo Slider, Logo Carousel, Logo showcase, Client Logo <1...
CVSS 5.9
CVE-2025-62119 MEDIUM
ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link <2....
CVSS 5.9
CVE-2025-62097 MEDIUM
SEO Slider <= 1.1.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-62096 MEDIUM
WPFactory Maximum Products per User for WooCommerce <4.4.2 - XSS
CVSS 6.5
CVE-2025-62095 MEDIUM
Neilgee Bootstrap Modals <1.3.2 - XSS
CVSS 6.5
CVE-2025-62990 MEDIUM
Livemesh Addons for Beaver Builder <3.9.2 - XSS
CVSS 6.5
CVE-2025-62744 MEDIUM
Chris Steman Page Title Splitter <2.5.9 - XSS
CVSS 6.5
CVE-2025-62743 MEDIUM
MyBookTable Bookstore <= 3.6.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-62742 MEDIUM
Curator.io <= 1.9.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-62125 MEDIUM
Custom Background Changer <3.0 - XSS
CVSS 6.5
CVE-2025-62118 MEDIUM
kcseopro AdWords Conversion Tracking Code - XSS
CVSS 6.5
CVE-2025-62111 MEDIUM
Webvitaly Extra Shortcodes <2.2 - XSS
CVSS 6.5
CVE-2025-49357 MEDIUM
Audiomack <= 1.4.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-63032 MEDIUM
ThinkUpThemes Consulting <1.5.0 - XSS
CVSS 6.5
CVE-2025-62991 MEDIUM
ThinkUpThemes Minamaze <1.10.1 - XSS
CVSS 6.5
CVE-2025-62757 MEDIUM
WebMan Amplifier <= 1.5.12 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-62756 MEDIUM
lvaudore The Moneytizer <10.0.6 - XSS
CVSS 6.5
CVE-2025-62752 MEDIUM
Kalender.digital <= 1.0.13 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-62749 MEDIUM
Bainternet User Specific Content <1.0.6 - XSS
CVSS 6.5
CVE-2025-62748 MEDIUM
Web and WooCommerce Addons for WPBakery Builder <= 1.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-62135 MEDIUM
Responsive Block Control <1.2.9 - XSS
CVSS 6.5
CVE-2025-49358 MEDIUM
Ruhul Amin Content Fetcher <1.1 - XSS
CVSS 6.5
CVE-2025-63005 MEDIUM
Tomas WordPress Tooltips <10.7.9 - XSS
CVSS 6.5
Details
Vulnerabilities 44,973
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits