CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,239 vulnerabilities with CWE-79
CVE-2025-1452
LOW
Favorites WordPress Plugin < 2.3.5 - Authenticated Stored Cross-Site Scripting in Settings
CVSS 3.5
CVE-2025-0845
MEDIUM
WordPress DesignThemes Core Features <4.8 - XSS
CVSS 6.4
CVE-2025-0717
LOW
Social Slider Feed <2.2.9 - Admin+ Stored XSS
CVSS 3.5
CVE-2025-2715
LOW
timschofield webERP <5.0.0.rc+13 - XSS
CVSS 3.5
CVE-2025-2714
MEDIUM
JoomlaUX JUX Real Estate 3.4.0 - Cross-Site Scripting via Plan ID Parameter
CVSS 4.3
CVE-2025-2712
MEDIUM
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
CVSS 4.3
CVE-2025-2711
MEDIUM
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
CVSS 4.3
CVE-2025-2710
MEDIUM
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
CVSS 4.3
CVE-2025-2709
MEDIUM
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
CVSS 4.3
CVE-2025-2748
MEDIUM
Kentico Xperience CMS - Unauthenticated Stored XSS
CVSS 6.1
CVE-2025-30623
MEDIUM
wA11y - The Web Accessibility Toolbox <= 1.0.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30610
MEDIUM
WP Social Widget <= 2.2.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-30606
MEDIUM
Logan Carlile Easy Page Transition <1.0.1 - XSS
CVSS 5.9
CVE-2025-30602
HIGH
Related Posts via Categories <= 2.1.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-30600
MEDIUM
WP Hotjar <= 0.0.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30599
MEDIUM
WP Parallax Content Slider <0.9.8 - XSS
CVSS 5.9
CVE-2025-30597
MEDIUM
IG Shortcodes <= 3.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-30595
MEDIUM
tstafford include-file <= 1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-30593
MEDIUM
samsk Include URL <= 0.3.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-30575
MEDIUM
Arefly Login Redirect <= 1.0.5 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30574
MEDIUM
Jenst Mobile Navigation <= 1.5 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30573
MEDIUM
mrdenny My Default Post Content <0.7.3 - XSS
CVSS 5.9
CVE-2025-30566
MEDIUM
Aryan Themes Clink <= 1.2.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-30553
MEDIUM
Z.com byGMO GMO Font Agent <1.6 - XSS
CVSS 6.5
CVE-2025-30551
MEDIUM
Pretty file links <= 0.9 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,239
Exploit Likelihood
High