CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,211 vulnerabilities with CWE-79
CVE-2025-0272
MEDIUM
HCL DevOps Deploy 8.0.0.0-8.0.1.4 and HCL Launch 7.0.0.0-7.0.5.25 - HTML Injection in Web UI
CVSS 5.4
CVE-2025-3157
LOW
Intelbras WRN 150 1.0.15_pt_ITB01 - XSS
CVSS 2.4
CVE-2025-31907
HIGH
Labib Ahmed Team Builder <1.3 - XSS
CVSS 7.1
CVE-2025-31905
HIGH
Team Rosters <= 4.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31903
HIGH
NotFound XV Random Quotes <1.37 - XSS
CVSS 7.1
CVE-2025-31902
HIGH
Social Share And Social Locker <1.4.1 - XSS
CVSS 7.1
CVE-2025-31901
HIGH
Digihood HTML Sitemap <= 3.1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31900
HIGH
Lexicata <= 1.0.16 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31899
HIGH
Awesome Logos <= 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31898
HIGH
MediaView <= 1.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31893
MEDIUM
Cheesefather Botnet Attack Blocker <2.0.0 - XSS
CVSS 6.5
CVE-2025-31626
HIGH
M. Ali Saleem Support Helpdesk Ticket System Lite <4.5.2 - XSS
CVSS 7.1
CVE-2025-31622
MEDIUM
Utkarsh Kukreti Advanced Typekit <1.0.1 - XSS
CVSS 6.5
CVE-2025-31582
HIGH
Ashish Ajani Contact Form vCard Generator <2.4 - XSS
CVSS 7.1
CVE-2025-31573
HIGH
PeproDev CF7 Database <= 2.0.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-31536
HIGH
Moshensky CF7 Spreadsheets <2.3.2 - XSS
CVSS 7.1
CVE-2025-31468
HIGH
WP_Identicon <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31467
HIGH
Flickr Photostream <= 3.1.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31442
HIGH
NotFound Search engine keywords highlighter <0.1.3 - XSS
CVSS 7.1
CVE-2025-31436
HIGH
Blubrry PowerPress Podcasting <0.1.1 - XSS
CVSS 7.1
CVE-2025-31091
MEDIUM
CM Header and Footer <= 1.2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-30858
HIGH
Tribulant Software Snow Storm <1.4.6 - XSS
CVSS 7.1
CVE-2025-30616
HIGH
NotFound Latest Custom Post Type Updates - XSS
CVSS 7.1
CVE-2025-30611
HIGH
Wptobe-signinup <= 1.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-2946
CRITICAL
pgAdmin <= 9.1 - Cross-Site Scripting via Query Result Rendering
CVSS 9.1
Details
Vulnerabilities
45,211
Exploit Likelihood
High