CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,133 vulnerabilities with CWE-79
CVE-2025-58027
MEDIUM
wpo-HR NGG Smart Image Search <3.4.3 - XSS
CVSS 6.5
CVE-2025-58026
MEDIUM
Termageddon: Cookie Consent & Privacy Compliance <= 1.8.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58025
MEDIUM
Master Slider <= 3.11.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58023
MEDIUM
akdevs Genealogical Tree <2.2.5 - XSS
CVSS 6.5
CVE-2025-58022
MEDIUM
ShortCode <= 0.8.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58021
MEDIUM
douglaskarr List Child Pages Shortcode <1.3.1 - XSS
CVSS 6.5
CVE-2025-58020
MEDIUM
Theater for WordPress <0.18.8 - XSS
CVSS 6.5
CVE-2025-58019
MEDIUM
Search Atlas SEO <= 2.5.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58018
MEDIUM
Richard Leishman Mail Subscribe List <2.1.10 - XSS
CVSS 6.5
CVE-2025-58017
MEDIUM
Ultimate Store Kit Elementor Addons <2.8.2 - XSS
CVSS 6.5
CVE-2025-58008
MEDIUM
xnau webdesign Participants Database <2.7.6.3 - XSS
CVSS 6.5
CVE-2025-58002
MEDIUM
GD bbPress Tools <= 3.5.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-58001
MEDIUM
Noumaan Yaqoob Compact Archives <4.1.0 - XSS
CVSS 6.5
CVE-2025-57999
MEDIUM
WPKoi Templates for Elementor <3.4.1 - XSS
CVSS 6.5
CVE-2025-57998
MEDIUM
E-namad & Shamed Logo Manager - XSS
CVSS 5.9
CVE-2025-57996
MEDIUM
Buckets <= 0.3.9 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-57993
MEDIUM
Benjamin Pick Geolocation IP Detection <5.5.0 - XSS
CVSS 6.5
CVE-2025-57989
MEDIUM
Brajesh Singh WordPress Widgets Shortcode <1.0.3 - XSS
CVSS 6.5
CVE-2025-57988
MEDIUM
Uncanny Owl Uncanny Toolkit for LearnDash <3.0.7.3 - XSS
CVSS 6.5
CVE-2025-57986
MEDIUM
WP Subtitle <= 3.4.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-57982
MEDIUM
WPBean Advance Portfolio Grid <1.07.6 - XSS
CVSS 5.9
CVE-2025-57981
MEDIUM
WP Social Widget <= 2.3.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-57980
MEDIUM
Tomas Cordero Safety Exit <1.8.0 - XSS
CVSS 5.9
CVE-2025-57979
MEDIUM
AuthorSure <= 2.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-57974
MEDIUM
TZ PlusGallery <= 1.5.5 - Stored Cross-Site Scripting
CVSS 5.9
Details
Vulnerabilities
45,133
Exploit Likelihood
High