CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,028 vulnerabilities with CWE-79
CVE-2025-62011
MEDIUM
TheGem <= 5.10.5 - Cross-Site Scripting
CVSS 6.5
CVE-2025-59556
HIGH
GoStore < 1.6.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-58964
HIGH
skygroup Enzy < 1.6.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-58638
HIGH
e-plugins Institutions Directory <=1.3.3 - XSS
CVSS 7.1
CVE-2025-54737
HIGH
NooTheme Jobmonster <= 4.7.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-54722
HIGH
WooTour <= 3.6.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-54721
HIGH
ThimPress Resca <= 3.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-54718
HIGH
NooTheme Yogi - Health Beauty & Yoga <= 2.9.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53585
HIGH
NooTheme WeMusic <= 1.9.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53574
HIGH
ptibogxiv Doliconnect <=9.3.2 - XSS
CVSS 7.1
CVE-2025-53573
HIGH
Epic Review <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53349
HIGH
Laborator Kalium <= 3.18.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53324
HIGH
Gutenify <= 1.5.7 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-53286
HIGH
Jhainey Milevis Dropify <4.6.9 - XSS
CVSS 7.1
CVE-2025-53245
HIGH
Afzal Multani WP Logo Changer <1.3 - XSS
CVSS 7.1
CVE-2025-53239
HIGH
bnovotny User Registration Aide <= 1.5.3.8 - XSS
CVSS 7.1
CVE-2025-52764
HIGH
flexoslider <= 1.0004 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49909
HIGH
Penci Bookmark & Follow < 2.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49905
HIGH
Range Slider Addon for Gravity Forms <1.1.7 - XSS
CVSS 7.1
CVE-2025-49904
HIGH
Booking and Rental Manager <2.5.3 - XSS
CVSS 7.1
CVE-2025-49390
HIGH
Cookie Notice & Consent <= 1.6.4 - XSS
CVSS 7.1
CVE-2025-31029
HIGH
bingu replyMail <= 1.2.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-36054
MEDIUM
IBM Business Automation Workflow & Process Federation Server Unauthenticated Stored XSS
CVSS 6.1
CVE-2025-11956
HIGH
Proliz Software Ltd. Co. OBS <25.0401 - XSS
CVSS 8.9
CVE-2025-10955
MEDIUM
Netcad Software Inc. Netigma <6.3.5 V8 - XSS
CVSS 6.1
Details
Vulnerabilities
45,028
Exploit Likelihood
High