CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,239 vulnerabilities with CWE-79
CVE-2025-30545
MEDIUM
issuuPress <= 1.3.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30540
MEDIUM
AvaiBook <= 1.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30539
MEDIUM
BMo Expo <= 1.0.15 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30537
MEDIUM
Cristian Sarov Upload Quota per User <1.3 - XSS
CVSS 5.9
CVE-2025-30536
MEDIUM
zeitwesentech Beautiful Link Preview <1.5.0 - XSS
CVSS 5.9
CVE-2025-30533
MEDIUM
gopiplus Message ticker <= 9.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30532
MEDIUM
Weather Layer <= 4.2.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30530
MEDIUM
AI Preloader <= 1.0.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2025-30527
MEDIUM
codetoolbox My Bootstrap Menu <1.2.1 - XSS
CVSS 5.9
CVE-2025-2700
LOW
dante3 0.4.0-0.4.4 - Cross-Site Scripting in Insert Link Handler
CVSS 3.5
CVE-2025-2699
LOW
GetmeUK ContentTools < 1.6.16 - Cross-Site Scripting via Image Handler onload Argument
CVSS 3.5
CVE-2025-1203
LOW
MetaSlider WordPress plugin <3.95.0 - XSS
CVSS 3.5
CVE-2025-1062
LOW
MetaSlider WordPress plugin <3.95.0 - XSS
CVSS 3.5
CVE-2025-2673
LOW
code-projects Payroll Management System 1.0 - XSS
CVSS 3.5
CVE-2025-2650
LOW
PHPGurukul Medical Card Generation System 1.0 - XSS
CVSS 3.5
CVE-2025-2645
LOW
PHPGurukul Art Gallery Management System 1.0 - XSS
CVSS 3.5
CVE-2025-0718
MEDIUM
Nested Pages WordPress <3.2.13 - XSS
CVSS 4.8
CVE-2025-2623
LOW
westboy CicadasCMS 1.0 - Cross-Site Scripting via Title/Content/Laiyuan Argument
CVSS 3.5
CVE-2025-2617
LOW
crud 1.0.0 - Cross-Site Scripting in Department Page
CVSS 2.4
CVE-2025-26796
MEDIUM
Apache Oozie - Cross-Site Scripting
CVSS 5.4
CVE-2025-2577
MEDIUM
Bitspecter Suite <= 1.0.0 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 6.4
CVE-2025-2616
LOW
crud 1.0.0 - Cross-Site Scripting in Role Management Page
CVSS 2.4
CVE-2025-2484
MEDIUM
Multi Video Box <= 1.5.2 - Unauthenticated Reflected Cross-Site Scripting via video_id and group_id Parameters
CVSS 6.1
CVE-2025-2482
MEDIUM
Gotcha | Gesture-based Captcha <1.0.0 - XSS
CVSS 6.1
CVE-2025-2479
MEDIUM
Easy Custom Admin Bar <= 1.0 - Unauthenticated Reflected Cross-Site Scripting via 'msg' Parameter
CVSS 6.1
Details
Vulnerabilities
45,239
Exploit Likelihood
High