CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,198 vulnerabilities with CWE-79
CVE-2025-27288 HIGH
File Icons <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27285 HIGH
Easy Form by AYS <= 2.6.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27284 HIGH
divspark Flagged Content <1.0.2 - XSS
CVSS 7.1
CVE-2025-24752 HIGH
Essential Addons for Elementor <= 6.0.14 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24745 HIGH
RadiusTheme Classified Listing <4.0.1 - XSS
CVSS 7.1
CVE-2025-24670 HIGH
Term Taxonomy Converter <= 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24655 HIGH
PickPlugins Wishlist <= 1.0.39 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24645 HIGH
Eazy Under Construction <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24640 HIGH
Dan-Lucian Stefancu Empty Tags Remover - XSS
CVSS 7.1
CVE-2025-24637 HIGH
Syed Balkhi Beacon Lead Magnets & Lead Capture <1.5.7 - XSS
CVSS 7.1
CVE-2025-24624 HIGH
HT Event <= 1.4.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24621 HIGH
Arconix Shortcodes <= 2.1.15 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24619 HIGH
WP Log Action <= 0.51 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24586 HIGH
Shipment Tracker for Woocommerce <= 1.4.23 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24553 HIGH
Shipping with Venipak for WooCommerce <= 1.22.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24550 MEDIUM
JobScore Job Manager <= 2.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-24548 HIGH
Autoglot - Automatic WordPress Translation <2.4.7 - XSS
CVSS 7.1
CVE-2025-24539 HIGH
Debounce Email Validator <5.6.5 - XSS
CVSS 7.1
CVE-2025-23858 HIGH
Hiren Patel Custom Users Order <4.2 - XSS
CVSS 7.1
CVE-2025-23855 HIGH
SpiderDisplay <= 1.9.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23782 HIGH
TotalSuite TotalContest Lite <2.8.1 - XSS
CVSS 7.1
CVE-2025-23448 HIGH
dastan800 visualslider Sldier - XSS
CVSS 7.1
CVE-2025-23443 HIGH
Author Showcase <= 1.4.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22796 HIGH
WP-Asambleas <= 2.85.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22774 HIGH
CRUDLab Scroll to Top <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,198
Exploit Likelihood High