CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,169 vulnerabilities with CWE-79
CVE-2025-47589 MEDIUM
motov.net Ebook Store <5.8007 - XSS
CVSS 6.5
CVE-2025-47547 MEDIUM
SendPulse Email Marketing Newsletter <= 2.1.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-47525 MEDIUM
Bold Page Builder <= 5.3.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-47524 MEDIUM
karim42 Quran multilanguage Text & Audio <2.3.23 - XSS
CVSS 5.9
CVE-2025-47522 MEDIUM
AWEOS WP Lock <= 1.4.8 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-47521 MEDIUM
Robo Gallery <= 5.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-47520 MEDIUM
Syed Balkhi Charitable <1.8.5.1 - XSS
CVSS 5.9
CVE-2025-47518 MEDIUM
Contact Form 7 - PayPal & Stripe Add-on <2.3.4 - XSS
CVSS 5.9
CVE-2025-47516 MEDIUM
Scott Paterson Time Clock <1.2.3 - XSS
CVSS 5.9
CVE-2025-47515 MEDIUM
Seb WP DPE-GES <= 1.6 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-47509 MEDIUM
Ajay Top 10 <= 4.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-47507 MEDIUM
Better Search <= 4.1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-47506 MEDIUM
Ajay Contextual Related Posts <4.0.2 - XSS
CVSS 6.5
CVE-2025-47505 MEDIUM
ProWCPlugins Product Time Countdown <1.6.2 - XSS
CVSS 6.5
CVE-2025-47504 MEDIUM
WPFactory Custom Checkout Fields/WPFactory Customer Email Verificat...
CVSS 6.5
CVE-2025-47503 MEDIUM
wpo-HR NGG Smart Image Search <3.3.3 - XSS
CVSS 6.5
CVE-2025-47502 MEDIUM
Mollie Forms <= 2.7.12 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-47501 MEDIUM
Code Atlantic Content Control <2.6.1 - XSS
CVSS 6.5
CVE-2025-47499 MEDIUM
Simple Blog Stats <= 20250416 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-47497 MEDIUM
Logo Showcase <= 3.0.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-47495 MEDIUM
Blockspare <= 3.2.9 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-47493 MEDIUM
Ultimate Blocks <= 3.2.9 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-47489 MEDIUM
Beds24 Online Booking <2.0.29 - XSS
CVSS 6.5
CVE-2025-47488 MEDIUM
Bold Page Builder <= 5.3.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-47482 MEDIUM
sonalsinha21 SKT Skill Bar <2.4 - XSS
CVSS 6.5
Details
Vulnerabilities 45,169
Exploit Likelihood High