CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,198 vulnerabilities with CWE-79
CVE-2025-2544 MEDIUM
AI Content Pipelines: Content Engine + Analytics <= 1.6 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 6.4
CVE-2025-2889 MEDIUM
Link Library <= 7.7.3 - Authenticated Stored Cross-Site Scripting via Link Additional Parameters
CVSS 6.4
CVE-2025-3253 LOW
admintwo 1.0 - Cross-Site Scripting via /ztree/insertTree Name Parameter
CVSS 3.5
CVE-2025-3252 LOW
admintwo 1.0 - Cross-Site Scripting via Name Parameter in /resource/add
CVSS 3.5
CVE-2025-32207 MEDIUM
Ni WooCommerce Cost Of Goods <3.2.8 - XSS
CVSS 6.5
CVE-2025-32197 MEDIUM
Piotnet Addons For Elementor <2.4.34 - XSS
CVSS 6.5
CVE-2025-32196 MEDIUM
blazethemes News Kit Elementor Addons <1.3.1 - XSS
CVSS 6.5
CVE-2025-32195 MEDIUM
Ecwid Shopping Cart <= 7.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-32194 MEDIUM
LA-Studio Element Kit for Elementor <1.4.9 - XSS
CVSS 6.5
CVE-2025-32193 MEDIUM
WPMinds Simple WP Events <1.8.17 - XSS
CVSS 6.5
CVE-2025-32192 MEDIUM
Ultra Addons Lite for Elementor <= 1.1.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-32191 MEDIUM
News Element Elementor Blog Magazine <1.0.7 - XSS
CVSS 6.5
CVE-2025-32190 MEDIUM
Musician's Pack for Elementor <1.8.4 - XSS
CVSS 6.5
CVE-2025-32189 MEDIUM
Best WP Developer BWD Elementor Addons <4.3.20 - XSS
CVSS 6.5
CVE-2025-32188 MEDIUM
ILLID Advanced Woo Labels <2.14 - XSS
CVSS 6.5
CVE-2025-32187 MEDIUM
Administrator Z <=2025.03.04 - DOM-Based XSS
CVSS 6.5
CVE-2025-32186 MEDIUM
Turbo Addons for Elementor <1.7.1 - XSS
CVSS 6.5
CVE-2025-32185 MEDIUM
Colibri Page Builder <= 1.0.329 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-32184 MEDIUM
bdthemes Ultimate Store Kit Elementor Addons <2.4.0 - XSS
CVSS 6.5
CVE-2025-32183 MEDIUM
Galaxy Weblinks Video Playlist For YouTube <6.6 - XSS
CVSS 6.5
CVE-2025-32182 MEDIUM
Spider Elements - Addons for Elementor <1.6.2 - XSS
CVSS 6.5
CVE-2025-32181 MEDIUM
Fast Simon Search, Filters & Merchandising for WooCommerce <= 3.0.58 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-32179 MEDIUM
Maps for WP <= 1.2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-32177 MEDIUM
pgn4web Embed Chessboard <3.07.00 - XSS
CVSS 6.5
CVE-2025-32176 MEDIUM
GalleryCreator Gallery Blocks with Lightbox <3.2.5 - XSS
CVSS 6.5
Details
Vulnerabilities 45,198
Exploit Likelihood High