CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,198 vulnerabilities with CWE-79
CVE-2025-27288
HIGH
File Icons <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27285
HIGH
Easy Form by AYS <= 2.6.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27284
HIGH
divspark Flagged Content <1.0.2 - XSS
CVSS 7.1
CVE-2025-24752
HIGH
Essential Addons for Elementor <= 6.0.14 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24745
HIGH
RadiusTheme Classified Listing <4.0.1 - XSS
CVSS 7.1
CVE-2025-24670
HIGH
Term Taxonomy Converter <= 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24655
HIGH
PickPlugins Wishlist <= 1.0.39 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24645
HIGH
Eazy Under Construction <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24640
HIGH
Dan-Lucian Stefancu Empty Tags Remover - XSS
CVSS 7.1
CVE-2025-24637
HIGH
Syed Balkhi Beacon Lead Magnets & Lead Capture <1.5.7 - XSS
CVSS 7.1
CVE-2025-24624
HIGH
HT Event <= 1.4.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24621
HIGH
Arconix Shortcodes <= 2.1.15 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24619
HIGH
WP Log Action <= 0.51 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24586
HIGH
Shipment Tracker for Woocommerce <= 1.4.23 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24553
HIGH
Shipping with Venipak for WooCommerce <= 1.22.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24550
MEDIUM
JobScore Job Manager <= 2.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-24548
HIGH
Autoglot - Automatic WordPress Translation <2.4.7 - XSS
CVSS 7.1
CVE-2025-24539
HIGH
Debounce Email Validator <5.6.5 - XSS
CVSS 7.1
CVE-2025-23858
HIGH
Hiren Patel Custom Users Order <4.2 - XSS
CVSS 7.1
CVE-2025-23855
HIGH
SpiderDisplay <= 1.9.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23782
HIGH
TotalSuite TotalContest Lite <2.8.1 - XSS
CVSS 7.1
CVE-2025-23448
HIGH
dastan800 visualslider Sldier - XSS
CVSS 7.1
CVE-2025-23443
HIGH
Author Showcase <= 1.4.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22796
HIGH
WP-Asambleas <= 2.85.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22774
HIGH
CRUDLab Scroll to Top <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities
45,198
Exploit Likelihood
High