CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,211 vulnerabilities with CWE-79
CVE-2025-31897
MEDIUM
Arrow Custom Feed for Twitter <1.5.3 - XSS
CVSS 6.5
CVE-2025-31895
MEDIUM
paulrosen ABC Notation <6.1.3 - XSS
CVSS 6.5
CVE-2025-31894
MEDIUM
Ebook Downloader <= 1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31892
MEDIUM
Themeum WP Crowdfunding <2.1.13 - XSS
CVSS 6.5
CVE-2025-31891
MEDIUM
Gosign - Posts Slider Block <1.1.0 - XSS
CVSS 6.5
CVE-2025-31890
MEDIUM
Simple Map No Api <= 1.9 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31885
MEDIUM
Daniel Floeter Hyperlink Group Block <2.0.1 - XSS
CVSS 6.5
CVE-2025-31884
MEDIUM
WP CMS Ninja Norse Rune Oracle Plugin <1.4.3 - XSS
CVSS 6.5
CVE-2025-31883
MEDIUM
WPWebinarSystem WebinarPress <1.33.27 - XSS
CVSS 5.9
CVE-2025-31875
MEDIUM
FancyPost <= 6.0.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31874
MEDIUM
WebberZone Snippetz <= 2.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31873
MEDIUM
SheetDB <= 1.3.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31869
MEDIUM
Modernaweb Studio Black Widgets For Elementor <1.3.9 - XSS
CVSS 6.5
CVE-2025-31864
MEDIUM
Beam me up Scotty - Back to Top Button <= 1.0.23 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31861
MEDIUM
WPOrbit Support Perfect Font Awesome Integration <2.2 - XSS
CVSS 6.5
CVE-2025-31860
MEDIUM
WP AdCenter <= 2.5.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31857
MEDIUM
Directorist AddonsKit for Elementor <= 1.1.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31855
MEDIUM
SMM API <= 6.0.31 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31853
MEDIUM
Erez Hadas-Sonnenschein Smartarget Popup <1.4 - XSS
CVSS 5.9
CVE-2025-31851
MEDIUM
Beds24 Online Booking <2.0.26 - XSS
CVSS 6.5
CVE-2025-31850
MEDIUM
RedefiningTheWeb PDF Generator Addon - XSS
CVSS 6.5
CVE-2025-31849
MEDIUM
fbtemplates Nemesis All-in-One <1.1.0 - XSS
CVSS 6.5
CVE-2025-31847
MEDIUM
mFolio Lite <= 1.2.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31844
MEDIUM
Noor Alam Magical Blocks <1.0.10 - XSS
CVSS 6.5
CVE-2025-31838
MEDIUM
Eventbee RSVP Widget <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,211
Exploit Likelihood
High