CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,157 vulnerabilities with CWE-79
CVE-2025-2929
HIGH
Order Delivery Date WP <12.4.0 - XSS
CVSS 7.1
CVE-2025-47946
MEDIUM
Symfony UX < 2.25.1 - Cross-Site Scripting via ComponentAttributes Rendering
CVSS 6.1
CVE-2025-39393
HIGH
Hospital Management System <= 47.0(20-11-2023) - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-39392
HIGH
mojoomla WPAMS <= 44.0 (17-08-2023) - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-39372
HIGH
elbisnero WordPress Events Calendar Registration & Tickets <2.6.0 -...
CVSS 7.1
CVE-2025-39365
HIGH
wProject < 5.8.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31027
HIGH
jocoxdesign Tiger < 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-43839
HIGH
BP Messages Tool <= 2.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-43837
HIGH
binti76 Total Donations <3.0.8 - XSS
CVSS 7.1
CVE-2025-43836
HIGH
confuzzledduck Syndicate Out <0.9 - XSS
CVSS 7.1
CVE-2025-43832
HIGH
andreyk Remote Images Grabber <0.6 - XSS
CVSS 7.1
CVE-2025-39446
HIGH
Booster Plus for WooCommerce <= 7.2.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-39409
HIGH
pressaholic WordPress Video Robot <1.20.0 - XSS
CVSS 7.1
CVE-2025-39407
HIGH
Caseproof LLC Memberpress <1.12.0 - XSS
CVSS 7.1
CVE-2025-43841
MEDIUM
WP Vegas <= 2.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-43834
MEDIUM
cookieBAR <= 1.7.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-39450
MEDIUM
Crocoblock JetTabs <= 2.2.7 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-39448
MEDIUM
Crocoblock JetElements For Elementor <2.7.4.1 - XSS
CVSS 6.5
CVE-2025-26997
HIGH
Wireless Butler <= 1.0.11 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-46543
MEDIUM
Charly Leetham Enhanced Paypal Shortcodes <0.5a - XSS
CVSS 6.5
CVE-2025-46263
MEDIUM
Lloyd Saunders Author Box <1.6 - XSS
CVSS 6.5
CVE-2025-46262
MEDIUM
Mad Mimi for WordPress <1.5.1 - XSS
CVSS 6.5
CVE-2025-39369
MEDIUM
Posts for Page <= 2.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-4939
MEDIUM
PHPGurukul Credit Card Application Management System 1.0 - Stored Cross-Site Scripting in /admin/new-ccapplication.php
CVSS 4.3
CVE-2025-32920
MEDIUM
TemplateInvaders TI WooCommerce Wishlist <2.10.0 - XSS
CVSS 6.5
Details
Vulnerabilities
45,157
Exploit Likelihood
High