CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,128 vulnerabilities with CWE-79
CVE-2025-11124
LOW
code-projects Project Monitoring System 1.0 - XSS
CVSS 3.5
CVE-2025-11119
MEDIUM
iSourcecode Hostel Management System 1.0 - XSS
CVSS 4.3
CVE-2025-11112
MEDIUM
PHPGurukul Employee Record Management System 1.3 - XSS
CVSS 4.3
CVE-2025-11069
LOW
westboy CicadasCMS 1.0 - Cross-Site Scripting via Add Department Handler Name Parameter
CVSS 2.4
CVE-2025-11068
LOW
westboy CicadasCMS 1.0 - Cross-Site Scripting via categoryName Parameter
CVSS 2.4
CVE-2025-11067
LOW
Projectworlds Visitor Management System 1.0 - XSS
CVSS 2.4
CVE-2025-9816
HIGH
WP Statistics - WordPress <14.5.4 - XSS
CVSS 7.2
CVE-2025-8440
MEDIUM
Team Members plugin - WordPress <5.3.5 - XSS
CVSS 6.4
CVE-2025-36239
MEDIUM
IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 - Unauthenticated Cross-Site Scripting
CVSS 6.1
CVE-2025-57692
MEDIUM
PiranhaCMS 12.0 - Stored Cross-Site Scripting in Text Content Block
CVSS 6.8
CVE-2025-26258
MEDIUM
Sourcecodester Employee Management System 1.0 - Stored Cross-Site Scripting via Add Designation
CVSS 6.1
CVE-2025-11027
LOW
Vvveb < 1.0.7.2 - Cross-Site Scripting in SVG File Handler
CVSS 2.4
CVE-2025-6396
MEDIUM
Webbeyaz Website Design <2025.07.14 - XSS
CVSS 6.1
CVE-2025-57292
MEDIUM
Todoist v8484 - Stored Cross-Site Scripting via Avatar Upload
CVSS 6.1
CVE-2025-11019
LOW
Total.js CMS < 19.9.0 - Cross-Site Scripting in Files Menu
CVSS 2.4
CVE-2025-9642
HIGH
GitLab 14.10-18.2.6, 18.3-18.3.2, 18.4 - Cross-Site Scripting
CVSS 8.7
CVE-2025-60186
MEDIUM
Alex Moss Google+ Comments <1.0 - XSS
CVSS 5.9
CVE-2025-60185
MEDIUM
kontur Admin Style <= 1.0.4 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60184
MEDIUM
SEO Search Permalink <= 1.0.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60179
MEDIUM
Space Studio Click & Tweet <0.8.9 - XSS
CVSS 5.9
CVE-2025-60177
MEDIUM
rozx Recaptcha - wp <= 0.2.6 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60163
MEDIUM
Robin W bbp topic count <= 3.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-60162
MEDIUM
PickPlugins Job Board Manager - XSS
CVSS 6.5
CVE-2025-60160
MEDIUM
SharkThemes Smart Related Products <2.0.5 - XSS
CVSS 5.9
CVE-2025-60158
MEDIUM
Nota Fiscal Eletrônica WooCommerce <3.4.0.6 - XSS
CVSS 5.9
Details
Vulnerabilities
45,128
Exploit Likelihood
High