CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,155 vulnerabilities with CWE-79
CVE-2025-49450 MEDIUM
mhallmann SEPA Girocode <0.5.2 - XSS
CVSS 6.5
CVE-2025-49443 MEDIUM
Bacon Ipsum <= 2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49442 MEDIUM
Mostafa Shahiri Simple Nested Menu - XSS
CVSS 6.5
CVE-2025-49429 MEDIUM
Ryan Burnette Video Embeds <0.1.1 - XSS
CVSS 6.5
CVE-2025-49427 MEDIUM
Abbie Expander <= 1.0.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49333 MEDIUM
wp.insider Simple Membership <4.6.3 - XSS
CVSS 5.9
CVE-2025-49322 MEDIUM
404 Page by SeedProd < 1.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-49318 MEDIUM
WPtouch <= 4.3.60 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-49314 MEDIUM
ovatheme BRW <= 1.8.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49311 MEDIUM
CoolHappy The Events Calendar Countdown Addon <1.4.9 - XSS
CVSS 6.5
CVE-2025-49310 MEDIUM
M A Vinoth Kumar Frontend Dashboard <2.2.8 - XSS
CVSS 6.5
CVE-2025-49309 MEDIUM
HT Team Member <= 1.1.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49306 MEDIUM
WP Social Widget <= 2.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49305 MEDIUM
impleCode Product Catalog <1.8.1 - XSS
CVSS 6.5
CVE-2025-49304 MEDIUM
CodeManas Search with Typesense <2.0.10 - XSS
CVSS 6.5
CVE-2025-49301 MEDIUM
Greenshift <= 11.5.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-49299 MEDIUM
WPlugged.com WebHotelier <1.9.2 - XSS
CVSS 6.5
CVE-2025-49298 MEDIUM
Bastien Ho Event post <5.10.1 - XSS
CVSS 6.5
CVE-2025-49262 HIGH
Sina Extension for Elementor <= 3.6.1 - Stored Cross-Site Scripting
CVSS 7.6
CVE-2025-49244 MEDIUM
Vova Shortcodes Ultimate <7.3.5 - XSS
CVSS 6.5
CVE-2025-49243 MEDIUM
sevenspark ShiftNav - Responsive Mobile Menu <1.8 - XSS
CVSS 6.5
CVE-2025-49242 MEDIUM
sevenspark Bellows Accordion Menu <1.4.3 - XSS
CVSS 6.5
CVE-2025-49235 MEDIUM
Rometheme RTMKit Addons for Elementor <1.6.0 - XSS
CVSS 6.5
CVE-2025-31025 MEDIUM
Blocksera Image Hover Effects Block <1.4.5 - XSS
CVSS 6.5
CVE-2025-30991 MEDIUM
Shahjada Premium Packages <6.0.2 - XSS
CVSS 6.5
Details
Vulnerabilities 45,155
Exploit Likelihood High