CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,062 vulnerabilities with CWE-79
CVE-2025-52743
HIGH
bobbingwide oik-privacy-policy <= 1.4.9 - XSS
CVSS 7.1
CVE-2025-52742
HIGH
Igor Benic Pets <= 1.4.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52741
HIGH
Barry Kooij Post Connector <1.0.12 - XSS
CVSS 7.1
CVE-2025-52736
HIGH
Daman Jeet Finale Lite <= 2.20.0 - XSS
CVSS 7.1
CVE-2025-52735
HIGH
NextMove Lite <= 2.24.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52734
HIGH
ERA404 CropRefine <= 1.2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49992
HIGH
ThimPress LearnPress Export Import <4.0.9 - XSS
CVSS 7.1
CVE-2025-49963
HIGH
Simple Stripe Checkout <1.1.28 - XSS
CVSS 7.1
CVE-2025-49962
HIGH
bbPress Notify <= 2.19.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49960
MEDIUM
LeadBI Plugin for WordPress <= 1.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49959
HIGH
bbPress Move Topics <= 1.1.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49958
HIGH
Robokassa payment gateway for Woocommerce <= 1.8.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49957
HIGH
Weboccult Technologies Pvt Ltd Email Attachment by Order Status &am...
CVSS 7.1
CVE-2025-49956
HIGH
Fade Slider <= 2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49955
HIGH
Rajan Vijayan WP Smart Flexslider <2.6 - XSS
CVSS 7.1
CVE-2025-49954
HIGH
mithra62 WP-Click-Tracker <=0.7.3 - XSS
CVSS 7.1
CVE-2025-49953
HIGH
ShareBang, Ultimate Social Share Buttons for WordPress <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49951
HIGH
wpcrunch gAppointments <= 1.14.1 - XSS
CVSS 7.1
CVE-2025-49948
HIGH
WP Super Edit <= 2.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49947
HIGH
extendons WooCommerce Registration Fields Plugin - Custom Signup Fi...
CVSS 7.1
CVE-2025-49946
HIGH
Cynob IT Consultancy Auto Login After Registration <=1.0.0 - XSS
CVSS 7.1
CVE-2025-49945
HIGH
kylegetson Shortcode Generator <=1.1 - XSS
CVSS 7.1
CVE-2025-49944
HIGH
WPCode Content Ratio <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49940
MEDIUM
ThemeFusion Fusion Builder <=3.13.2 - XSS
CVSS 6.5
CVE-2025-49939
MEDIUM
CrocoBlock JetElements For Elementor <= 2.7.8 - XSS
CVSS 6.5
Details
Vulnerabilities
45,062
Exploit Likelihood
High