CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,128 vulnerabilities with CWE-79
CVE-2025-60157
MEDIUM
WP Ticket Customer Service Software & Support Ticket System <6.0.2 ...
CVSS 6.5
CVE-2025-60154
MEDIUM
Jennifer Moss MWW Disclaimer Buttons <= 3.41 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60149
MEDIUM
Notely <= 1.8.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60147
MEDIUM
HT Feed <= 1.3.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-60146
MEDIUM
Amit Verma Map Categories to Pages <1.3.2 - XSS
CVSS 5.9
CVE-2025-60144
MEDIUM
Lenix scss compiler <= 1.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60142
MEDIUM
DaganLev Simple Meta Tags <1.5 - XSS
CVSS 6.5
CVE-2025-60141
MEDIUM
The Tribal <= 1.3.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60138
MEDIUM
SKT Blocks <= 2.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-60136
MEDIUM
User Notes <= 1.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60133
MEDIUM
DJ-Extensions.com PE Easy Slider <1.1.0 - XSS
CVSS 5.9
CVE-2025-60124
MEDIUM
Ryan Hellyer Simple Colorbox <1.6.1 - XSS
CVSS 6.5
CVE-2025-60112
MEDIUM
aThemes Addons for Elementor <1.1.3 - XSS
CVSS 6.5
CVE-2025-60105
MEDIUM
metaphorcreations Ditty <3.1.58 - XSS
CVSS 6.5
CVE-2025-60104
MEDIUM
Jordy Meow Gallery Custom Links <2.2.5 - XSS
CVSS 5.9
CVE-2025-60102
MEDIUM
WPFront User Role Editor <4.2.3 - XSS
CVSS 6.5
CVE-2025-60101
MEDIUM
Woostify <= 2.4.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-60099
MEDIUM
awsm.in Embed Any Document <2.7.7 - XSS
CVSS 6.5
CVE-2025-60040
MEDIUM
wp-mpdf <= 3.9.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-59012
HIGH
Traveler < 3.2.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-58917
MEDIUM
Quantities and Units for WooCommerce <1.0.13 - XSS
CVSS 6.5
CVE-2025-4957
HIGH
Metagauss ProfileGrid <5.9.5.7 - XSS
CVSS 7.1
CVE-2025-48107
HIGH
Uncode < 2.9.4.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27006
MEDIUM
Authorsy <= 1.0.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-10490
MEDIUM
Zephyr Project Manager <3.3.202 - XSS
CVSS 4.4
Details
Vulnerabilities
45,128
Exploit Likelihood
High