CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,133 vulnerabilities with CWE-79
CVE-2025-58254
MEDIUM
dtbaker StylePress for Elementor <1.2.1 - XSS
CVSS 6.5
CVE-2025-58253
MEDIUM
Rameez Iqbal Real Estate Manager <7.3 - XSS
CVSS 6.5
CVE-2025-58248
MEDIUM
Pinterest Pinboard Widget <1.0.8 - XSS
CVSS 6.5
CVE-2025-58245
MEDIUM
bestweblayout Portfolio <2.58 - XSS
CVSS 5.9
CVE-2025-58242
MEDIUM
Vadim Bogaiskov Bg Church Memos - XSS
CVSS 6.5
CVE-2025-58241
MEDIUM
SnapWidget Social Photo Feed Widget <1.1.0 - XSS
CVSS 6.5
CVE-2025-58240
MEDIUM
Michel - xiligroup dev xili-tidy-tags <1.12.06 - XSS
CVSS 6.5
CVE-2025-58239
MEDIUM
Chandrika Sista WP Category Dropdown <1.9 - XSS
CVSS 6.5
CVE-2025-58238
MEDIUM
ONTRAPORT PilotPress <= 2.0.36 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58237
MEDIUM
Niaj Morshed LC Wizard <1.3.0 - XSS
CVSS 6.5
CVE-2025-58235
MEDIUM
Rustaurius Front End Users <3.2.33 - XSS
CVSS 6.5
CVE-2025-58234
MEDIUM
JoomSky JS Job Manager <= 2.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58233
MEDIUM
Guaven Labs SQL Chart Builder <2.3.7.2 - XSS
CVSS 6.5
CVE-2025-58232
MEDIUM
Image Editor by Pixo <= 2.3.8 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-58231
MEDIUM
Bitly <= 2.8.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58230
MEDIUM
bdthemes ZoloBlocks <= 2.3.12 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-58229
MEDIUM
webvitaly Sitekit <= 2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58228
MEDIUM
ShapedPlugin LLC Quick View for WooCommerce <2.2.16 - XSS
CVSS 6.5
CVE-2025-58227
MEDIUM
Podlove Subscribe button <= 1.3.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58223
MEDIUM
VoucherPress <= 1.5.7 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-58220
MEDIUM
Techeshta Card Elements for WPBakery <1.0.8 - XSS
CVSS 6.5
CVE-2025-58033
MEDIUM
Draft <= 3.0.9 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-58031
MEDIUM
Nextend Facebook Connect <3.1.19 - XSS
CVSS 6.5
CVE-2025-58030
MEDIUM
webvitaly Page-list <= 5.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58028
MEDIUM
Aum Watcharapon Designil PDPA Thailand <2.0 - XSS
CVSS 6.5
Details
Vulnerabilities
45,133
Exploit Likelihood
High