CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,155 vulnerabilities with CWE-79
CVE-2025-49076
MEDIUM
POSIMYTH Innovations The Plus Addons - XSS
CVSS 6.5
CVE-2025-49075
MEDIUM
PickPlugins Wishlist <= 1.0.43 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49074
MEDIUM
WidgetKit <= 2.5.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49068
MEDIUM
Ocean Extra <= 2.4.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-49067
MEDIUM
Nasa Core < 6.4.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-48329
HIGH
Daman Jeet Real Time Validation for Gravity Forms <1.7.0 - XSS
CVSS 7.1
CVE-2025-41367
MEDIUM
IDF v0.10.0-0C03-03 & ZLF v0.10.0-0C03-04 - XSS
CVE-2025-41364
MEDIUM
IDF v0.10.0-0C03-03 & ZLF v0.10.0-0C03-04 - XSS
CVE-2025-5757
LOW
Traffic Offense Reporting System 1.0 - Cross-Site Scripting via /save-reported.php Parameter Manipulation
CVSS 3.5
CVE-2025-5727
LOW
Student Result Management System 1.0 - Stored Cross-Site Scripting in Announcement Page Title Field
CVSS 2.4
CVE-2025-5703
MEDIUM
StageShow < 10.0.3 - Authenticated Stored Cross-Site Scripting via Anchor Parameter
CVSS 6.4
CVE-2025-5699
MEDIUM
WordPress Developer Formatter <2015.0.2.1 - XSS
CVSS 5.5
CVE-2025-5586
MEDIUM
WordPress Ajax Load More & Infinite Scroll <1.6.0 - XSS
CVSS 6.4
CVE-2025-5565
MEDIUM
Hide It <= 1.0.1 - Authenticated Stored Cross-Site Scripting via 'hideit' Shortcode
CVSS 6.4
CVE-2025-5541
MEDIUM
Runners Log <= 3.9.2 - Authenticated Stored Cross-Site Scripting via runnerslog Shortcode
CVSS 6.4
CVE-2025-5538
MEDIUM
BNS Featured Category <= 2.8.2 - Authenticated Stored Cross-Site Scripting via 'bnsfc' Shortcode
CVSS 6.4
CVE-2025-5536
MEDIUM
Freemind Viewer <= 1.0 - Authenticated Stored Cross-Site Scripting via Shortcode Attributes
CVSS 6.4
CVE-2025-5534
MEDIUM
WordPress ESV Bible Shortcode <1.0.2 - XSS
CVSS 6.4
CVE-2025-5533
MEDIUM
WordPress Knowledge Base <2.3.0 - XSS
CVSS 6.4
CVE-2025-5726
LOW
SourceCodester Student Result Management System 1.0 - Stored Cross-Site Scripting in Division System Page
CVSS 2.4
CVE-2025-5725
LOW
SourceCodester Student Result Management System 1.0 - Stored Cross-Site Scripting in Grading System Remark Field
CVSS 2.4
CVE-2025-5724
LOW
Student Result Management System 1.0 - Stored Cross-Site Scripting in Subjects Page
CVSS 2.4
CVE-2025-5723
LOW
Student Result Management System 1.0 - Stored Cross-Site Scripting in Classes Page Class Name Field
CVSS 2.4
CVE-2025-5722
LOW
Student Result Management System 1.0 - Stored Cross-Site Scripting in Academic Term Field
CVSS 2.4
CVE-2025-5721
LOW
Student Result Management System 1.0 - Stored Cross-Site Scripting in Profile Setting Page
CVSS 2.4
Details
Vulnerabilities
45,155
Exploit Likelihood
High