CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
44,988 vulnerabilities with CWE-79
CVE-2025-68936
MEDIUM
ONLYOFFICE Document Server < 9.2.1 - Stored Cross-Site Scripting via Color Theme Name
CVSS 6.4
CVE-2025-68935
MEDIUM
ONLYOFFICE Document Server < 9.2.1 - Stored Cross-Site Scripting via Multilevel List Font Field
CVSS 6.4
CVE-2025-2406
HIGH
Trizbi < 2.144.4 - Cross-Site Scripting
CVSS 7.6
CVE-2025-2405
HIGH
Titarus < 2.144.4 - Cross-Site Scripting
CVSS 7.6
CVE-2025-2307
HIGH
Aidango < 2.144.4 - Cross-Site Scripting
CVSS 7.6
CVE-2025-68917
MEDIUM
ONLYOFFICE Document Server < 9.2.1 - Stored Cross-Site Scripting in Comment Editing Form Textarea
CVSS 6.4
CVE-2025-68915
MEDIUM
Riello UPS NetMan 208 < 1.12 - Cross-Site Scripting via Login Banner
CVSS 5.5
CVE-2025-2154
MEDIUM
Echo Call Center Services Trade and Industry Inc. Specto CM <170320...
CVSS 5.4
CVE-2025-68605
MEDIUM
PickPlugins Post Grid & Gutenberg Blocks <2.3.18 - XSS
CVSS 6.5
CVE-2025-68599
MEDIUM
YouTube Embed <= 5.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68598
MEDIUM
Page Builder: Live Composer <= 2.1.13 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68597
MEDIUM
BlueGlass Interactive AG Jobs for WordPress <= 2.7.17 - XSS
CVSS 6.5
CVE-2025-68574
MEDIUM
voidcoders WPBakery Visual Composer WHMCS Elements - XSS
CVSS 5.9
CVE-2025-68566
MEDIUM
wphocus My auctions allegro <3.6.32 - XSS
CVSS 5.9
CVE-2025-68533
MEDIUM
HasThemes WC Builder <= 1.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68532
MEDIUM
ModelTheme Addons for WPBakery & Elementor < 1.5.6 - XSS
CVSS 6.5
CVE-2025-68528
MEDIUM
Free Shipping Bar: Amount Left for Free Shipping for WooCommerce <= 2.4.9 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68527
MEDIUM
Kodezen LLC Academy LMS <3.4.0 - XSS
CVSS 6.5
CVE-2025-68525
MEDIUM
pixelgrade Category Icon <= 1.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-68513
MEDIUM
Bold Timeline Lite <= 1.2.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68512
MEDIUM
Real 3D FlipBook <= 4.11.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-68497
MEDIUM
Brainstorm Force Astra Widgets <=1.2.16 - XSS
CVSS 5.9
CVE-2025-67633
MEDIUM
brownbagmarketing Greenhouse Job Board <= 2.7.3 - XSS
CVSS 5.9
CVE-2025-67632
MEDIUM
Google AdSense for Responsive Design - GARD <2.23 - XSS
CVSS 5.9
CVE-2025-67631
MEDIUM
Ecommerce Platforms Gift Hunt <2.0.2 - XSS
CVSS 5.9
Details
Vulnerabilities
44,988
Exploit Likelihood
High