CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,137 vulnerabilities with CWE-79
CVE-2025-58851 MEDIUM
DigitalCourt Boxed Content <1.0 - XSS
CVSS 6.5
CVE-2025-58850 MEDIUM
Showpass WordPress Extension <4.0.3 - XSS
CVSS 6.5
CVE-2025-58842 MEDIUM
Givecloud Donation Forms WP <1.0.9 - XSS
CVSS 6.5
CVE-2025-58840 MEDIUM
Ibnul H. Custom Team Manager <2.4.2 - XSS
CVSS 6.5
CVE-2025-58838 MEDIUM
Smooth Accordion <= 2.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58837 MEDIUM
Shiful H SS Font Awesome Icon <4.1.3 - XSS
CVSS 6.5
CVE-2025-58836 MEDIUM
FW Anker <= 1.2.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58834 MEDIUM
gugu short.io < 2.4.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-58832 MEDIUM
Search by Google <= 1.9 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-58830 MEDIUM
Parallax Scrolling Enllax.js <0.0.7 - XSS
CVSS 6.5
CVE-2025-58828 MEDIUM
codemstory SocialTalk <=1.2.1 - XSS
CVSS 6.5
CVE-2025-58826 MEDIUM
Eric Mann WP Publication Archive <3.0.1 - XSS
CVSS 6.5
CVE-2025-58825 MEDIUM
Habibur Rahman Comment Form WP - Customize Default Comment Form <2....
CVSS 5.9
CVE-2025-58823 MEDIUM
The African Boss Get Cash <3.2.2 - XSS
CVSS 6.5
CVE-2025-58822 MEDIUM
WP Mail <= 1.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-58821 MEDIUM
WP Notification Bell <= 1.4.6 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-58820 MEDIUM
Themepoints Carousel Ultimate <1.8 - XSS
CVSS 5.9
CVE-2025-58814 MEDIUM
Ram Ratan Maurya Stagtools <2.3.8 - XSS
CVSS 6.5
CVE-2025-58812 MEDIUM
PriceListo Best Restaurant Menu <1.4.3 - XSS
CVSS 6.5
CVE-2025-58811 MEDIUM
WP CodeUs Ultimate Client Dash <4.6 - XSS
CVSS 5.9
CVE-2025-58810 MEDIUM
jimmywb Simple Link List Widget <0.3.2 - XSS
CVSS 5.9
CVE-2025-58808 MEDIUM
Babar prettyPhoto <= 1.2.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-58805 MEDIUM
OTWthemes Widgetize Pages Light <3.0 - XSS
CVSS 5.9
CVE-2025-58796 MEDIUM
Elementor Element Condition <1.0.5 - XSS
CVSS 6.5
CVE-2025-58793 MEDIUM
WPBean WPB Elementor Addons <1.6 - XSS
CVSS 6.5
Details
Vulnerabilities 45,137
Exploit Likelihood High