CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,211 vulnerabilities with CWE-79
CVE-2025-31837 MEDIUM
WP Proposals < 2.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31835 MEDIUM
Brice Capobianco WP Plugin Info Card <5.2.5 - XSS
CVSS 6.5
CVE-2025-31829 MEDIUM
ShopCred <= 1.3.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31823 MEDIUM
WPoperation Elementor Addons <1.1.9 - XSS
CVSS 6.5
CVE-2025-31818 MEDIUM
ContentBot AI Writer <= 1.2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31817 MEDIUM
BlockWheels <= 1.0.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31815 MEDIUM
Devscred Design Blocks <1.2.2 - XSS
CVSS 6.5
CVE-2025-31813 MEDIUM
Website366.com WPSHARE247 Elementor Addons <2.1 - XSS
CVSS 6.5
CVE-2025-31812 MEDIUM
BuddyPress Members Only <3.5.3 - XSS
CVSS 6.5
CVE-2025-31811 MEDIUM
Planyo online reservation system <= 3.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31806 MEDIUM
uSystems Webling <= 3.9.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31805 MEDIUM
ExpressTech Systems Gutena Kit - Gutenberg Blocks and Templates <2....
CVSS 6.5
CVE-2025-31804 MEDIUM
DraftPress Team Follow Us Badges <3.1.11 - XSS
CVSS 6.5
CVE-2025-31803 MEDIUM
Neteuro Turisbook Booking System <1.3.7 - XSS
CVSS 6.5
CVE-2025-31801 MEDIUM
Maksym Marko MX Time Zone Clocks <5.1.1 - XSS
CVSS 6.5
CVE-2025-31797 MEDIUM
BoldGrid Sprout Clients <= 3.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31793 MEDIUM
Piotnet Forms <= 1.0.30 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31792 MEDIUM
Piotnet Forms <= 1.0.30 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31790 MEDIUM
Binsaifullah Posten <= 0.0.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31783 MEDIUM
Leartes.NET Leartes TRY Exchange Rates - XSS
CVSS 6.5
CVE-2025-31778 MEDIUM
Donate Me <= 1.2.5 - Reflected Cross-Site Scripting
CVSS 6.5
CVE-2025-31772 MEDIUM
Astoundify WP Modal Popup <2.4 - XSS
CVSS 5.9
CVE-2025-31771 MEDIUM
Team Members for Elementor Page Builder <1.0.4 - XSS
CVSS 6.5
CVE-2025-31770 MEDIUM
OTWthemes Content Manager Light <3.2 - XSS
CVSS 6.5
CVE-2025-31767 MEDIUM
OTWthemes Post Custom Templates Lite - XSS
CVSS 6.5
Details
Vulnerabilities 45,211
Exploit Likelihood High