CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,143 vulnerabilities with CWE-79
CVE-2025-51858
MEDIUM
ChatPlayground.ai <2025-05-24 - XSS
CVSS 6.1
CVE-2025-4294
MEDIUM
HotelRunner B2B < 04.06.2025 - Cross-Site Scripting
CVSS 4.8
CVE-2025-34141
MEDIUM
ETQ Reliance CG (legacy) < SE.2025.1 - Reflected Cross-Site Scripting in SQLConverterServlet
CVE-2025-4284
MEDIUM
Rolantis Information Technologies Agentis <4.32 - XSS
CVSS 6.1
CVE-2025-7644
MEDIUM
Pixel Gallery Addons - WordPress <1.6.7 - XSS
CVSS 6.4
CVE-2025-7495
MEDIUM
WP-Members Membership Plugin <3.5.4.1 - XSS
CVSS 6.4
CVE-2025-7951
LOW
code-projects Public Chat Room 1.0 - XSS
CVSS 3.5
CVE-2025-6831
MEDIUM
WordPress User Registration 0-4.2.4 - XSS
CVSS 6.4
CVE-2025-5240
MEDIUM
CRM and Lead Management by vcita <= 2.7.5 - Authenticated Stored Cross-Site Scripting via Type Parameter
CVSS 6.4
CVE-2025-7946
MEDIUM
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 4.3
CVE-2025-7944
MEDIUM
PHPGurukul Taxi Stand Management System 1.0 - XSS
CVSS 4.3
CVE-2025-7943
MEDIUM
PHPGurukul Taxi Stand Management System 1.0 - XSS
CVSS 4.3
CVE-2025-7486
MEDIUM
Ebook Store <= 5.8012 - Authenticated Stored Cross-Site Scripting via Order Details
CVSS 4.4
CVE-2025-7942
LOW
PHPGurukul Taxi Stand Management System 1.0 - XSS
CVSS 3.5
CVE-2025-7941
LOW
PHPGurukul Time Table Generator System 1.0 - XSS
CVSS 3.5
CVE-2025-54128
MEDIUM
haxcms-nodejs < 11.0.8 - Cross-Site Scripting via Disabled Content Security Policy
CVSS 6.1
CVE-2025-53528
HIGH
Cadwyn < 5.4.3 - Reflected Cross-Site Scripting via Docs Endpoint Version Parameter
CVSS 7.6
CVE-2025-51403
MEDIUM
Live Helper Chat < 4.61 - Stored Cross-Site Scripting via Department Alias Nick Parameter
CVSS 6.5
CVE-2025-51401
MEDIUM
live_helper_chat < 4.61 - Stored Cross-Site Scripting via Operator Name Parameter
CVSS 5.4
CVE-2025-51400
MEDIUM
live_helper_chat < 4.61 - Stored Cross-Site Scripting in Personal Canned Messages
CVSS 5.4
CVE-2025-51398
MEDIUM
livehelperchat < 4.61 - Stored Cross-Site Scripting via Facebook Registration Name Parameter
CVSS 5.4
CVE-2025-51396
MEDIUM
Live Helper Chat < 4.61 - Stored Cross-Site Scripting via Telegram Bot Username Parameter
CVSS 5.4
CVE-2025-7716
MEDIUM
Real-time SEO for Drupal 8.x-2.0-8.x-2.1 - Cross-Site Scripting
CVSS 6.1
CVE-2025-7715
MEDIUM
Drupal Block Attributes <2.0.1 - XSS
CVSS 6.1
CVE-2025-7392
MEDIUM
Drupal Cookies Addons 1.0.0-1.2.3 - Cross-Site Scripting
CVSS 6.1
Details
Vulnerabilities
45,143
Exploit Likelihood
High