CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,256 vulnerabilities with CWE-79
CVE-2025-24758 HIGH
CM Map Locations <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24694 HIGH
CM Email Registration Blacklist & Whitelist <1.5.5 - XSS
CVSS 7.1
CVE-2025-23956 HIGH
WP Easy Post Mailer <= 0.64 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23904 HIGH
Rebrand Fluent Forms <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23903 HIGH
Local Shipping Labels for WooCommerce <1.0.0 - XSS
CVSS 7.1
CVE-2025-23883 HIGH
Stray Random Quotes <= 1.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23881 HIGH
LJ Custom Menu Links <= 2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23879 HIGH
PillarDev Easy Automatic Newsletter Lite <3.2.0 - XSS
CVSS 7.1
CVE-2025-23852 HIGH
NotFound First Comment Redirect <1.0.3 - XSS
CVSS 7.1
CVE-2025-23850 HIGH
Mojo Under Construction <1.1.2 - XSS
CVSS 7.1
CVE-2025-23847 HIGH
NotFound Site Launcher <0.9.4 - XSS
CVSS 7.1
CVE-2025-23843 HIGH
WP-HR Manager: The Human Resources Plugin for WordPress <= 3.1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23829 MEDIUM
Woo Update Variations In Cart <0.0.9 - XSS
CVSS 6.5
CVE-2025-23814 HIGH
CRUDLab Like Box <= 2.0.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23813 HIGH
Guten Free Options <= 0.9.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23762 HIGH
DsgnWrks Twitter Importer <1.1.4 - XSS
CVSS 7.1
CVE-2025-23753 HIGH
NotFound DN Sitemap Control <1.0.6 - XSS
CVSS 7.1
CVE-2025-23741 HIGH
Notifications Center <= 1.5.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23740 HIGH
Easy School Registration <3.9.8 - XSS
CVSS 7.1
CVE-2025-23739 HIGH
WP Ultimate Reviews FREE <1.0.2 - XSS
CVSS 7.1
CVE-2025-23738 HIGH
Ps Ads Pro <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23736 HIGH
Form To JSON <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23731 HIGH
infosoftplugin Tax Report for WooCommerce - XSS
CVSS 7.1
CVE-2025-23726 HIGH
ComparePress <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23721 HIGH
Mobigate <= 1.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,256
Exploit Likelihood High