CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,190 vulnerabilities with CWE-79
CVE-2025-39562
MEDIUM
codepeople Payment Form for PayPal Pro <1.1.72 - XSS
CVSS 5.9
CVE-2025-39558
HIGH
CRM Perks <= 1.1.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-39521
HIGH
Ashish Ajani Contact Form vCard Generator <2.4 - XSS
CVSS 7.1
CVE-2025-39519
HIGH
rtpHarry Bulk Page Stub Creator - XSS
CVSS 7.1
CVE-2025-39464
HIGH
rtowebsites AdminQuickbar <1.9.1 - XSS
CVSS 7.1
CVE-2025-39444
MEDIUM
MaxButtons <= 9.8.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-39432
HIGH
bbPress2 shortcode whitelist <= 2.2.1 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-39428
MEDIUM
Maros Pristas Gravity Forms CSS Themes - XSS
CVSS 5.9
CVE-2025-39427
MEDIUM
WP Post to PDF Enhanced <1.1.1 - XSS
CVSS 5.9
CVE-2025-39420
HIGH
ruudkok WP Twitter Button <1.4.1 - XSS
CVSS 7.1
CVE-2025-32674
HIGH
WPFactory Product Excel Import Export & Bulk Edit for WooCommerce -...
CVSS 7.1
CVE-2025-32670
HIGH
Spark GF Failed Submissions <= 1.3.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32666
HIGH
Hive Support <= 1.2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32653
HIGH
Cart66 Cloud <= 2.3.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32651
HIGH
SERPed.net <= 4.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32649
HIGH
GB Gallery Slideshow <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32646
HIGH
PickPlugins Question Answer <1.2.70 - XSS
CVSS 7.1
CVE-2025-32639
HIGH
wecantrack Affiliate Links Lite <3.1.0 - XSS
CVSS 7.1
CVE-2025-32638
HIGH
weptile Mobile App for WooCommerce <= 0.4.61 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-32637
HIGH
WP Donate <= 2.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-32634
HIGH
Run Contests, Raffles, and Giveaways with ContestsWP <= 2.1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32630
HIGH
CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirecto...
CVSS 7.1
CVE-2025-32628
HIGH
WP Wham Crowdfunding for WooCommerce <3.1.12 - XSS
CVSS 7.1
CVE-2025-32625
HIGH
Mobile Pages <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32622
HIGH
OTP-less one tap Sign in <2.0.58 - XSS
CVSS 7.1
Details
Vulnerabilities
45,190
Exploit Likelihood
High