CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,062 vulnerabilities with CWE-79
CVE-2025-58961 HIGH
CF7 Auto Responder Addon <= 2.4 - XSS
CVSS 7.1
CVE-2025-58921 HIGH
Arevico WP Tactical Popup <2.1.1 - XSS
CVSS 7.1
CVE-2025-58916 HIGH
Author: Munzir <= 0.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53427 HIGH
SEO Pyramid <= 1.9.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53426 HIGH
Likert Survey Master <0.8.0.1 - XSS
CVSS 7.1
CVE-2025-53423 HIGH
Triss <= 2.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53422 HIGH
ThemeWarriors WhatsApp Chat <1.2.1 - XSS
CVSS 7.1
CVE-2025-53420 HIGH
VibeThemes WPLMS < 1.9.9.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53352 HIGH
G5Theme Grid Plus <= 3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53351 HIGH
Fidelo Snippet <= 1.12 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-53350 HIGH
webjunk Calendar Plus <=1.2.4 - XSS
CVSS 7.1
CVE-2025-53297 HIGH
AA-Team Woocommerce Envato Affiliates <= 1.2.1 - XSS
CVSS 7.1
CVE-2025-53238 HIGH
Toast Mobile Menu <= 1.0.8 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-53234 HIGH
AndonDesign UDesign Core <4.14.0 - XSS
CVSS 7.1
CVE-2025-53229 HIGH
kamleshyadav RockON DJ <= 3.3 - XSS
CVSS 7.1
CVE-2025-52770 HIGH
appscreo Hello Followers <= 2.5 - XSS
CVSS 7.1
CVE-2025-52763 HIGH
NickDuncan Nifty Backups <=1.08 - XSS
CVSS 7.1
CVE-2025-52760 HIGH
Globalis MultiSite Clone Duplicator <= 1.5.3 - XSS
CVSS 7.1
CVE-2025-52755 HIGH
Chris Taylor Child Themes <1.0.2 - XSS
CVSS 7.1
CVE-2025-52754 HIGH
Sello ChannelConnector <1.6.3 - XSS
CVSS 7.1
CVE-2025-52753 HIGH
Contact Form by Supsystic <1.7.35 - XSS
CVSS 7.1
CVE-2025-52751 HIGH
Slide Puzzle <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52750 HIGH
Emu2 <= 0.83b - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52749 HIGH
Activity Track Uji Countdown <=2.3.3 - XSS
CVSS 7.1
CVE-2025-52748 HIGH
e-plugins Directory Pro <= 2.5.5 - XSS
CVSS 7.1
Details
Vulnerabilities 45,062
Exploit Likelihood High