CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,211 vulnerabilities with CWE-79
CVE-2025-31766
MEDIUM
PhotoShelter Blog Feed Plugin <1.5.7 - XSS
CVSS 6.5
CVE-2025-31764
MEDIUM
Cache control by Cacholong <= 5.4.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31762
MEDIUM
Sheet2Site <= 1.0.18 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31761
MEDIUM
DEJAN Hypotext <= 1.0.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31760
MEDIUM
SnapWidget Social Photo Feed Widget <1.1.0 - XSS
CVSS 6.5
CVE-2025-31759
MEDIUM
Boo Recipes <= 2.4.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31754
MEDIUM
DobsonDev Shortcodes <= 2.1.12 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31750
MEDIUM
Breaking News WP <= 1.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31749
MEDIUM
WPelite HMH Footer Builder For Elementor - XSS
CVSS 6.5
CVE-2025-31748
MEDIUM
Opal Portfolio <= 1.0.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31747
MEDIUM
WP Chrono <= 1.5.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31745
MEDIUM
Arni Cinco Subscription Form <1.0.9 - XSS
CVSS 6.5
CVE-2025-31744
MEDIUM
Lightweight and Responsive Youtube Embed <= 1.0.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31743
MEDIUM
wpszaki Lightweight & Responsive Youtube Embed <1.0.0 - XSS
CVSS 6.5
CVE-2025-31742
MEDIUM
PixelDima Dima Take Action <1.0.5 - XSS
CVSS 5.9
CVE-2025-31741
MEDIUM
Easy Magazine <= 2.1.13 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-31740
MEDIUM
aThemeArt News, Magazine and Blog Elements <1.3 - XSS
CVSS 6.5
CVE-2025-31738
MEDIUM
LeadQuizzes <= 1.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31737
MEDIUM
dxladner Client Showcase <1.2.0 - XSS
CVSS 6.5
CVE-2025-31735
MEDIUM
Footnotes for WordPress <= 2016.1230 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31734
MEDIUM
Syed Balkhi Simple Post Expiration <1.0.2 - XSS
CVSS 6.5
CVE-2025-31733
MEDIUM
WP Sitemap <= 1.0.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-31731
MEDIUM
Philip John Author Bio Shortcode <2.5.3 - XSS
CVSS 6.5
CVE-2025-31730
MEDIUM
DigitalCourt Marketer Addons <1.0.1 - XSS
CVSS 6.5
CVE-2025-31121
MEDIUM
OpenEMR < 7.0.3.1 - Stored Cross-Site Scripting via EXIF Title in Patient Image
CVSS 5.4
Details
Vulnerabilities
45,211
Exploit Likelihood
High