CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,165 vulnerabilities with CWE-79
CVE-2025-39448
MEDIUM
Crocoblock JetElements For Elementor <2.7.4.1 - XSS
CVSS 6.5
CVE-2025-26997
HIGH
Wireless Butler <= 1.0.11 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-46543
MEDIUM
Charly Leetham Enhanced Paypal Shortcodes <0.5a - XSS
CVSS 6.5
CVE-2025-46263
MEDIUM
Lloyd Saunders Author Box <1.6 - XSS
CVSS 6.5
CVE-2025-46262
MEDIUM
Mad Mimi for WordPress <1.5.1 - XSS
CVSS 6.5
CVE-2025-39369
MEDIUM
Posts for Page <= 2.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-4939
MEDIUM
PHPGurukul Credit Card Application Management System 1.0 - Stored Cross-Site Scripting in /admin/new-ccapplication.php
CVSS 4.3
CVE-2025-32920
MEDIUM
TemplateInvaders TI WooCommerce Wishlist <2.10.0 - XSS
CVSS 6.5
CVE-2025-23988
HIGH
Ghostwriter <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23986
HIGH
Tiki Time < 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23983
HIGH
Tijaji < 1.43 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23981
HIGH
CarZine < 1.4.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23979
HIGH
Flashy <= 1.2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22792
HIGH
Js O3 Lite <= 1.5.8.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22791
HIGH
twh offset writing < 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22790
HIGH
asmedia moseter < 1.3.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22789
HIGH
fyrewurks polka dots < 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22687
HIGH
Asmedia Tuaug4 <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22678
HIGH
mythemes my white < 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-48341
MEDIUM
Form Maker by 10Web <= 1.15.33 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-48288
MEDIUM
Element Invader Elementor <1.3.5 - XSS
CVSS 6.5
CVE-2025-48277
MEDIUM
Stylemix Cost Calculator Builder <3.2.74 - XSS
CVSS 5.9
CVE-2025-48276
MEDIUM
Visual Composer Website Builder <= 45.11.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-48270
MEDIUM
SKT Blocks <= 2.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-48269
MEDIUM
Greg Winiarski WPAdverts <2.2.3 - XSS
CVSS 6.5
Details
Vulnerabilities
45,165
Exploit Likelihood
High