CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,246 vulnerabilities with CWE-79
CVE-2025-26918 HIGH
Small Package Quotes - Unishippers Edition <= 2.4.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26917 HIGH
HasThemes WP Templata <= 1.0.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26914 HIGH
Bowo Variable Inspector <2.6.2 - XSS
CVSS 7.1
CVE-2025-26879 HIGH
s2Member Pro < 241216 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26589 HIGH
IE CSS3 Support <= 2.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26588 HIGH
TTT Crop <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26587 HIGH
sidebarTabs <= 3.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26586 HIGH
NotFound Events Planner <1.3.10 - XSS
CVSS 7.1
CVE-2025-26585 HIGH
DL Leadback <= 1.2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26563 HIGH
Muneeb Mobile rocket-wp-mobile <= 1.3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-26557 HIGH
ViperBar <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25170 HIGH
Migrate Posts <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25169 HIGH
NotFound Authors Autocomplete Meta Box <1.2 - XSS
CVSS 7.1
CVE-2025-25165 HIGH
NotFound Staff Directory Plugin - XSS
CVSS 7.1
CVE-2025-25164 HIGH
Meta Accelerator <= 1.0.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25161 HIGH
NotFound WP Find Your Nearest <0.3.1 - XSS
CVSS 7.1
CVE-2025-25158 HIGH
Uncomplicated SEO <= 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25157 HIGH
WP Church Center <= 1.3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25142 HIGH
WP Less Compiler <= 1.3.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-25133 HIGH
WP Frontend Submit <= 1.1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25132 HIGH
ravi Singh Visitor Details <1.0.1 - XSS
CVSS 7.1
CVE-2025-25131 MEDIUM
NotFound RJ Quickcharts <0.6.1 - XSS
CVSS 6.5
CVE-2025-25129 HIGH
NotFound Callback Request <1.4 - XSS
CVSS 7.1
CVE-2025-25127 HIGH
Contact Us By Lord Linus <2.6 - XSS
CVSS 7.1
CVE-2025-25124 HIGH
Status Updater <= 1.9.2 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,246
Exploit Likelihood High