CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,227 vulnerabilities with CWE-79
CVE-2025-27574
LOW
KDDI HGW-BL1500HM <= 002.002.003 - Cross-Site Scripting in USB Storage File-Sharing Function
CVSS 3.6
CVE-2025-27567
MEDIUM
HGW-BL1500HM <= 002.002.003 - Cross-Site Scripting in NickName Registration Screen
CVSS 5.4
CVE-2025-1705
MEDIUM
tagDiv Composer <= 5.3 - Unauthenticated Stored Cross-Site Scripting via CSRF in td_ajax_get_views
CVSS 6.1
CVE-2025-2804
MEDIUM
tagDiv Composer <= 5.3 - Unauthenticated Reflected Cross-Site Scripting via account_id and account_username Parameters
CVSS 6.1
CVE-2025-31092
MEDIUM
Ninja Team Click to Chat - WP Support All-in-One Floating Widget <2...
CVSS 6.5
CVE-2025-31101
MEDIUM
VaultRE Contact Form 7 <= 1.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-31031
MEDIUM
Astoundify Job Colors for WP Job Manager <1.0.5 - XSS
CVSS 5.9
CVE-2025-2878
LOW
Kentico CMS < 13.0.178 - Cross-Site Scripting via New Database Parameter in Install Wizard
CVSS 2.4
CVE-2025-26874
HIGH
MemberSpace <= 2.1.13 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-30366
MEDIUM
WeGIA < 3.2.8 - Stored Cross-Site Scripting
CVSS 5.4
CVE-2025-30363
MEDIUM
WeGIA < 3.2.6 - Stored Cross-Site Scripting
CVSS 5.4
CVE-2025-30362
MEDIUM
WeGIA < 3.2.8 - Stored Cross-Site Scripting
CVSS 5.4
CVE-2025-26762
MEDIUM
WooCommerce <= 9.7.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-22640
MEDIUM
Paytm Payment Donation <2.3.3 - XSS
CVSS 5.9
CVE-2025-22638
MEDIUM
Acowebs Product Table For WooCommerce <1.2.3 - XSS
CVSS 6.5
CVE-2025-22628
HIGH
Foliovision Filled In <= 1.9.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-22497
MEDIUM
A.H.C. Waasdorp Simple Google Calendar Outlook Events Block Widget ...
CVSS 6.5
CVE-2025-22496
MEDIUM
Notif Bell <= 0.9.8 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-22278
MEDIUM
yudleethemes Whitish Lite <2.1.13 - XSS
CVSS 6.5
CVE-2025-22660
MEDIUM
Wolfgang Include Mastodon Feed <1.9.9 - XSS
CVSS 6.5
CVE-2025-22659
MEDIUM
Orbit Fox by ThemeIsle <= 2.10.44 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22649
MEDIUM
WP Project Manager <= 2.6.22 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-22648
MEDIUM
Plugin Devs Blog, Posts and Category Filter for Elementor <2.0.1 - XSS
CVSS 6.5
CVE-2025-22646
MEDIUM
aThemes Addons for Elementor <= 1.0.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22644
MEDIUM
ThemeHunk Vayu Blocks < 1.4.3 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,227
Exploit Likelihood
High