CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,227 vulnerabilities with CWE-79
CVE-2025-27267
HIGH
Random Quotes <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-27014
HIGH
Hostiko < 30.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26929
MEDIUM
NOUS Ouvert Utile et Simple Accounting for WooCommerce <1.6.8 - XSS
CVSS 5.9
CVE-2025-26923
MEDIUM
Event post <= 5.9.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-26922
MEDIUM
AuraMart <= 2.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-26869
MEDIUM
Build < 1.0.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-26747
MEDIUM
RainbowNews < 1.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-26739
MEDIUM
themefunction newseqo <= 2.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-26584
HIGH
NotFound TBTestimonials <1.7.3 - XSS
CVSS 7.1
CVE-2025-26583
HIGH
videowhisper Video Share VOD <2.7.2 - XSS
CVSS 7.1
CVE-2025-26581
HIGH
videowhisper Picture Gallery <1.6.2 - XSS
CVSS 7.1
CVE-2025-26579
HIGH
Videowhisper MicroPayments <3.1.6 - XSS
CVSS 7.1
CVE-2025-26576
HIGH
WP Simple Slideshow <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26575
HIGH
Kyle Maurer Display Post Meta <2.4.4 - XSS
CVSS 7.1
CVE-2025-26573
HIGH
Rizzi Guestbook <= 4.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26566
HIGH
In Stock Mailer for WooCommerce <= 2.1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26565
HIGH
kagla GNUPress <= 0.2.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26564
HIGH
GNUCommerce <= 1.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26560
HIGH
WP Contact Form III <= 1.6.2d - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26559
MEDIUM
Secure Invites <= 1.3 - Reflected Cross-Site Scripting
CVSS 6.5
CVE-2025-26546
HIGH
Cookies Pro <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26544
HIGH
UTM tags tracking for Contact Form 7 <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26542
HIGH
Zalo Live Chat <= 1.1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26541
HIGH
CodeSolz Bitcoin/AltCoin Payment Gateway <1.7.6 - XSS
CVSS 7.1
CVE-2025-26537
MEDIUM
GDPR Tools <= 1.0.2 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,227
Exploit Likelihood
High