CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,173 vulnerabilities with CWE-79
CVE-2025-46529
MEDIUM
StressFree Sites Business Contact Widget <2.7.0 - XSS
CVSS 5.9
CVE-2025-46525
MEDIUM
msmitley WP Cookie Consent <1.0 - XSS
CVSS 5.9
CVE-2025-46523
MEDIUM
COVID-19 (Coronavirus) Update Your Customers <= 1.5.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-46521
MEDIUM
Silver Muru WS Force Login Page <3.0.3 - XSS
CVSS 5.9
CVE-2025-46517
MEDIUM
wpdiscover Blog Manager WP <1.0.5 - XSS
CVSS 5.9
CVE-2025-46509
MEDIUM
360 View <= 1.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-46505
MEDIUM
farinspace Peekaboo <= 1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-46502
HIGH
LSD Custom taxonomy and category meta <1.3.2 - CSRF
CVSS 7.1
CVE-2025-46501
MEDIUM
biancardi Mixcloud Embed <2.2.0 - XSS
CVSS 6.5
CVE-2025-46499
HIGH
hccoder PayPal Express Checkout <2.1.2 - XSS
CVSS 7.1
CVE-2025-46496
MEDIUM
Oniswap Mini Twitter Feed <3.0 - XSS
CVSS 6.5
CVE-2025-46491
MEDIUM
Matthew Muro Multi-Column Taxonomy List <1.5 - XSS
CVSS 6.5
CVE-2025-46484
MEDIUM
nasir179125 Image Hover Effects For WPBakery Page Builder <2.0 - XSS
CVSS 6.5
CVE-2025-46483
MEDIUM
Peadig's Google +1 Button <0.1.2 - XSS
CVSS 6.5
CVE-2025-46480
MEDIUM
Nepali Post Date <= 5.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-46479
MEDIUM
BBCode Deluxe <= 2020.08.01.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-46478
HIGH
metaloha Dropdown Content <1.0.2 - XSS
CVSS 7.1
CVE-2025-46477
MEDIUM
WP Customize Login Page <1.6.5 - XSS
CVSS 5.9
CVE-2025-46476
MEDIUM
Awesome Wp Image Gallery <1.0 - XSS
CVSS 6.5
CVE-2025-46475
MEDIUM
Able Player <= 1.2.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-46472
MEDIUM
The Pack Elementor addons <= 2.1.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-46471
MEDIUM
Gnanavelshenll WP Custom Post Popup <1.0.2 - XSS
CVSS 6.5
CVE-2025-46469
MEDIUM
Benjamin Buddle Send From <2.2 - XSS
CVSS 5.9
CVE-2025-46467
MEDIUM
RAphicon <= 2.1.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-46461
MEDIUM
RRSSB <= 1.0.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,173
Exploit Likelihood
High