CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,198 vulnerabilities with CWE-79
CVE-2025-32507
HIGH
Event Espresso - Custom Email Template Shortcode <1.0.0 - XSS
CVSS 7.1
CVE-2025-32506
HIGH
BenDlz AT Internet SmartTag <0.2 - XSS
CVSS 7.1
CVE-2025-32504
HIGH
Silvasoft boekhouden <= 3.0.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32490
HIGH
WebsiteDefender wp secure <= 1.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-31018
HIGH
FireDrum Email Marketing <1.64 - XSS
CVSS 7.1
CVE-2025-31006
HIGH
arete-it Activity Reactions For Buddypress <1.0.22 - XSS
CVSS 7.1
CVE-2025-27354
HIGH
phil88530 Simple Email Subscriber <2.3 - XSS
CVSS 7.1
CVE-2025-27346
HIGH
gerrygooner Rebuild Permalinks <1.6 - XSS
CVSS 7.1
CVE-2025-27345
HIGH
Booking Ultra Pro <= 1.1.19 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27343
HIGH
WooCommerce HTML5 Video <1.7.10 - XSS
CVSS 7.1
CVE-2025-27338
HIGH
List Urls <= 0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27337
HIGH
kontur Fontsampler <= 0.4.14 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27333
HIGH
alvego Protected wp-login <2.1 - XSS
CVSS 7.1
CVE-2025-27324
HIGH
17TRACK for WooCommerce <1.2.10 - XSS
CVSS 7.1
CVE-2025-27322
HIGH
Bappa Mal QR Code for WooCommerce <1.2.0 - XSS
CVSS 7.1
CVE-2025-27319
HIGH
User List <= 1.5.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27314
HIGH
Kush Micro News <= 1.6.7 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-27313
HIGH
Bernd Altmeier Google Maps GPX Viewer <3.6 - XSS
CVSS 7.1
CVE-2025-27309
HIGH
Jeannot Muller flickr-slideshow-wrapper <5.4.6 - XSS
CVSS 7.1
CVE-2025-27308
HIGH
cmstactics WP Video Posts <3.5.1 - XSS
CVSS 7.1
CVE-2025-27295
HIGH
Live css <= 1.3 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-27293
HIGH
Shipmozo Courier Tracking <1.0 - XSS
CVSS 7.1
CVE-2025-27292
HIGH
WPYog Documents <= 1.3.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27291
HIGH
WordPress Photo Gallery - Image Gallery <= 2.0.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27289
HIGH
Antoine Guillien Restrict Taxonomies <1.3.3 - XSS
CVSS 7.1
Details
Vulnerabilities
45,198
Exploit Likelihood
High