CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,246 vulnerabilities with CWE-79
CVE-2025-25119 HIGH
Woocommerce osCommerce Sync <2.0.20 - XSS
CVSS 7.1
CVE-2025-25118 HIGH
Top Bar - PopUps - by WPOptin <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25115 MEDIUM
Like dislike plus counter <1.0 - XSS
CVSS 6.5
CVE-2025-25114 HIGH
ehabstar User Role <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25113 HIGH
NotFound Implied Cookie Consent <1.3 - XSS
CVSS 7.1
CVE-2025-25108 HIGH
shalomworld SW Plus <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25102 HIGH
Yahoo BOSS <= 0.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25099 HIGH
Accreteinfo Solution Appointment Buddy Widget <1.2 - XSS
CVSS 7.1
CVE-2025-25092 HIGH
All push notification for WP <= 1.5.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25090 HIGH
Dreamstime Stock Photos <= 4.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25089 HIGH
appten Image Rotator <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25087 HIGH
seekXL Snapr <= 2.0.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25084 MEDIUM
UniTimetable <= 1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-25083 HIGH
EP4 More Embeds <= 1.0.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-25070 HIGH
Album Reviewer <= 2.0.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-24758 HIGH
CM Map Locations <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24694 HIGH
CM Email Registration Blacklist & Whitelist <1.5.5 - XSS
CVSS 7.1
CVE-2025-23956 HIGH
WP Easy Post Mailer <= 0.64 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23904 HIGH
Rebrand Fluent Forms <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23903 HIGH
Local Shipping Labels for WooCommerce <1.0.0 - XSS
CVSS 7.1
CVE-2025-23883 HIGH
Stray Random Quotes <= 1.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23881 HIGH
LJ Custom Menu Links <= 2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23879 HIGH
PillarDev Easy Automatic Newsletter Lite <3.2.0 - XSS
CVSS 7.1
CVE-2025-23852 HIGH
NotFound First Comment Redirect <1.0.3 - XSS
CVSS 7.1
CVE-2025-23850 HIGH
Mojo Under Construction <1.1.2 - XSS
CVSS 7.1
Details
Vulnerabilities 45,246
Exploit Likelihood High