CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,062 vulnerabilities with CWE-79
CVE-2025-10727
MEDIUM
ArkSigner Software and Hardware Inc. AcBakImzala <5.1.4 - XSS
CVSS 5.4
CVE-2025-62499
MEDIUM
Movable Type 7-8.4.3 - Stored Cross-Site Scripting in ContentType Edit CategorySet
CVSS 4.8
CVE-2025-54856
MEDIUM
Movable Type 7-8.4.3 - Stored Cross-Site Scripting in Edit ContentData Page
CVSS 4.8
CVE-2025-54806
MEDIUM
GROWI < 4.2.8 - Stored Cross-Site Scripting in Page Alert Function
CVSS 6.1
CVE-2025-62613
MEDIUM
vdo.ninja 28.0-28.4 - Reflected Cross-Site Scripting via Room Parameter
CVE-2025-62248
MEDIUM
Liferay Portal 7.4.0-7.4.3.132 & DXP 2024.Q1.1-2024.Q1.19 - Authenticated XSS via DDMPortlet Definition Parameter
CVSS 4.8
CVE-2025-62659
LOW
MediaWiki CookieConsent <2.0.0 - XSS
CVE-2025-62069
MEDIUM
RealMag777 MDTF <= 1.3.3.8 - Cross-Site Scripting
CVSS 6.5
CVE-2025-62068
MEDIUM
E2Pdf e2pdf <= 1.28.09 - Cross-Site Scripting
CVSS 6.5
CVE-2025-62063
MEDIUM
WP Travel Gutenberg Blocks <3.9.2 - XSS
CVSS 6.5
CVE-2025-62060
MEDIUM
Themepoints Tab Ultimate <= 1.8 - Cross-Site Scripting
CVSS 6.5
CVE-2025-62058
MEDIUM
Houzez Theme - Functionality < 4.2.0 - Cross-Site Scripting
CVSS 6.5
CVE-2025-62042
MEDIUM
Event post <= 5.10.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-62024
MEDIUM
Pie Calendar <= 1.2.9 - Cross-Site Scripting
CVSS 6.5
CVE-2025-62020
HIGH
VOD Infomaniak <= 1.5.11 - Cross-Site Scripting
CVSS 7.1
CVE-2025-60246
HIGH
Simple Finance Calculator <=1.0 - XSS
CVSS 7.1
CVE-2025-60176
MEDIUM
WP Tesseract <= 1.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60135
MEDIUM
Nikitas Georgopoulos WeShare Buttons <14 - XSS
CVSS 5.9
CVE-2025-60131
MEDIUM
Zoefff Werk aan de Muur <= 1.5 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-59593
MEDIUM
Colibri Page Builder < 1.0.334 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-59571
HIGH
purethemes WorkScout-Core <1.7.06 - XSS
CVSS 7.1
CVE-2025-59006
HIGH
themebon Easy Woocommerce Customizer <1.0.3 - XSS
CVSS 7.1
CVE-2025-59004
HIGH
pco_58 WC Return products <1.6 - XSS
CVSS 7.1
CVE-2025-58971
HIGH
Doctreat <= 1.6.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-58966
HIGH
Basix NEX-Forms LITE < 8.2 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities
45,062
Exploit Likelihood
High