CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,145 vulnerabilities with CWE-79
CVE-2025-53278
MEDIUM
WP AdCenter <= 2.6.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-53276
MEDIUM
Omnipress <= 1.6.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-53275
MEDIUM
VaultDweller Leyka <= 3.32.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-53253
MEDIUM
Josh WP Edit <= 4.0.4 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-53206
MEDIUM
HT Mega - Absolute Addons for WPBakery Page Builder <1.0.8 - XSS
CVSS 6.5
CVE-2025-53202
MEDIUM
CyberChimps Responsive Blocks <2.0.6 - XSS
CVSS 6.5
CVE-2025-53199
MEDIUM
HT Slider For Elementor <1.6.5 - XSS
CVSS 6.5
CVE-2025-52799
HIGH
designthemes LMS <= 9.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52778
HIGH
Michel - xiligroup dev xili-dictionary <2.12.5.2 - XSS
CVSS 7.1
CVE-2025-52774
HIGH
Infility Global <= 2.15.06 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52727
HIGH
QuanticaLabs CSS3 Vertical Web Pricing Tables - XSS
CVSS 7.1
CVE-2025-50052
HIGH
Flexo Counter <= 1.0001 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49423
HIGH
Syed Tahir Ali Jan Bulk YouTube Post Creator - XSS
CVSS 7.1
CVE-2025-49321
HIGH
Eventin <= 4.0.28 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49290
HIGH
Jory Hogeveen Slidebars <0.5.8.4 - XSS
CVSS 7.1
CVE-2025-47654
HIGH
FormLift for Infusionsoft Web Forms <7.5.20 - XSS
CVSS 7.1
CVE-2025-47574
HIGH
Mojoomla School Management <92.0.0 - XSS
CVSS 7.1
CVE-2025-39488
HIGH
Sneeit MagOne <= 8.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-39478
HIGH
smartiolabs Smart Notification <10.3 - XSS
CVSS 7.1
CVE-2025-31428
HIGH
BuddhaThemes HYDRO <= 2.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31067
HIGH
Seven Stars < 1.4.4 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-30972
HIGH
WooCommerce Line Notify <1.1.7 - XSS
CVSS 7.1
CVE-2025-28988
HIGH
Aharonyan WP Front User Submit/Front Editor <4.9.3 - XSS
CVSS 7.1
CVE-2025-28960
HIGH
regibaer Evangelische Termine <3.3 - XSS
CVSS 7.1
CVE-2025-28956
HIGH
Backwp <= 2.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities
45,145
Exploit Likelihood
High