CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,190 vulnerabilities with CWE-79
CVE-2025-32615 HIGH
Clinked Client Portal <= 1.10 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32613 HIGH
Bowo Debug Log Manager <2.3.4 - XSS
CVSS 7.1
CVE-2025-32611 HIGH
WooCommerce TBC Credit Card Payment Gateway <2.0.0 - XSS
CVSS 7.1
CVE-2025-32609 HIGH
Verowa Connect <= 3.0.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32608 HIGH
Movylo Marketing Automation <2.0.7 - XSS
CVSS 7.1
CVE-2025-32605 HIGH
MemberPress Discord Addon <1.1.1 - XSS
CVSS 7.1
CVE-2025-32604 HIGH
AWSA Shipping <= 1.3.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32602 HIGH
WooMS <= 9.12 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32592 HIGH
RealMag777 TableOn - WordPress Posts Table Filterable <1.0.4 - XSS
CVSS 7.1
CVE-2025-32590 HIGH
Web2application <= 6.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32588 HIGH
Credova Financial <= 2.4.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32582 HIGH
EXEIdeas International WP AutoKeyword <1.0 - XSS
CVSS 7.1
CVE-2025-32578 HIGH
Mapro Collins Coming Soon Countdown <2.2 - XSS
CVSS 7.1
CVE-2025-32566 HIGH
License For Envato <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32564 HIGH
tomroyal Stop Registration Spam <1.24 - XSS
CVSS 7.1
CVE-2025-32562 HIGH
aviplugins.com WP Easy Poll <2.2.9 - XSS
CVSS 7.1
CVE-2025-32561 HIGH
WP_DEBUG Toggle <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32560 HIGH
WP-Hijri <= 1.5.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32557 HIGH
Rico Macchi WP Featured Screenshot <1.3 - XSS
CVSS 7.1
CVE-2025-32554 HIGH
Raptive Ads <= 3.7.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32552 HIGH
MSRP (RRP) Pricing for WooCommerce <= 1.8.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32548 HIGH
Hamburger Icon Menu Lite <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32540 HIGH
Feedify - Web Push Notifications <2.4.5 - XSS
CVSS 7.1
CVE-2025-32535 HIGH
DN Shipping by Weight for WooCommerce <1.2 - XSS
CVSS 7.1
CVE-2025-32533 HIGH
Matat Technologies Deliver via Shipos for WooCommerce <2.1.7 - XSS
CVSS 7.1
Details
Vulnerabilities 45,190
Exploit Likelihood High