CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,211 vulnerabilities with CWE-79
CVE-2025-31563
HIGH
Vimal Kava AI Search Bar <1.3 - XSS
CVSS 7.1
CVE-2025-31548
HIGH
M. Tuhin Ultimate Push Notifications <1.1.8 - XSS
CVSS 7.1
CVE-2025-31537
HIGH
madfishdigital Bulk NoIndex & NoFollow Toolkit - XSS
CVSS 7.1
CVE-2025-31462
HIGH
rzfarrell CGM Event Calendar <0.8.5 - XSS
CVSS 7.1
CVE-2025-31461
HIGH
NanoSupport <= 0.6.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31455
HIGH
Limit Max IPs Per User <= 1.5 - DOM-Based Cross-Site Scripting
CVSS 7.1
CVE-2025-31454
HIGH
NotFound Delete Post Revision - XSS
CVSS 7.1
CVE-2025-31446
HIGH
WP Cleaner <= 1.1.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31445
HIGH
Pages Order <= 1.1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31441
HIGH
WordPress Galleria <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31431
HIGH
WP Bookmarks <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-31086
HIGH
Nick McReynolds Product Table <2.1.4 - XSS
CVSS 7.1
CVE-2025-31085
HIGH
Michel - xiligroup dev xili-language <2.21.2 - XSS
CVSS 7.1
CVE-2025-31081
HIGH
ShortPixel Enable Media Replace <4.1.5 - XSS
CVSS 7.1
CVE-2025-31080
HIGH
Link Software LLC HTML Forms <1.5.1 - XSS
CVSS 7.1
CVE-2025-31078
HIGH
enuiretechnology Small Package Quotes - Worldwide Express Edition <...
CVSS 7.1
CVE-2025-30913
HIGH
podpirate Access Areas <1.5.19 - XSS
CVSS 7.1
CVE-2025-30906
HIGH
Coffee Code Tech Plugin Oficial - WooCommerce <1.7.3 - XSS
CVSS 7.1
CVE-2025-30905
HIGH
Ays Pro Secure Copy Content Protection & Locking <4.4.3 - XSS
CVSS 7.1
CVE-2025-30852
HIGH
Oracle Cards Lite <= 1.2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-30844
HIGH
Watu Quiz <= 3.4.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-30778
HIGH
VForm <= 3.1.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-30554
HIGH
Frizzly <= 1.1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-29049
MEDIUM
mathlive < 0.104.0 - Cross-Site Scripting via MathLive Function
CVSS 6.3
CVE-2025-26054
MEDIUM
Infinxt iEdge 100 2.1.32 - Cross-Site Scripting via LAN Description Field
CVSS 5.4
Details
Vulnerabilities
45,211
Exploit Likelihood
High