CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,256 vulnerabilities with CWE-79
CVE-2025-24758
HIGH
CM Map Locations <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24694
HIGH
CM Email Registration Blacklist & Whitelist <1.5.5 - XSS
CVSS 7.1
CVE-2025-23956
HIGH
WP Easy Post Mailer <= 0.64 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23904
HIGH
Rebrand Fluent Forms <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23903
HIGH
Local Shipping Labels for WooCommerce <1.0.0 - XSS
CVSS 7.1
CVE-2025-23883
HIGH
Stray Random Quotes <= 1.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23881
HIGH
LJ Custom Menu Links <= 2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23879
HIGH
PillarDev Easy Automatic Newsletter Lite <3.2.0 - XSS
CVSS 7.1
CVE-2025-23852
HIGH
NotFound First Comment Redirect <1.0.3 - XSS
CVSS 7.1
CVE-2025-23850
HIGH
Mojo Under Construction <1.1.2 - XSS
CVSS 7.1
CVE-2025-23847
HIGH
NotFound Site Launcher <0.9.4 - XSS
CVSS 7.1
CVE-2025-23843
HIGH
WP-HR Manager: The Human Resources Plugin for WordPress <= 3.1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23829
MEDIUM
Woo Update Variations In Cart <0.0.9 - XSS
CVSS 6.5
CVE-2025-23814
HIGH
CRUDLab Like Box <= 2.0.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23813
HIGH
Guten Free Options <= 0.9.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23762
HIGH
DsgnWrks Twitter Importer <1.1.4 - XSS
CVSS 7.1
CVE-2025-23753
HIGH
NotFound DN Sitemap Control <1.0.6 - XSS
CVSS 7.1
CVE-2025-23741
HIGH
Notifications Center <= 1.5.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23740
HIGH
Easy School Registration <3.9.8 - XSS
CVSS 7.1
CVE-2025-23739
HIGH
WP Ultimate Reviews FREE <1.0.2 - XSS
CVSS 7.1
CVE-2025-23738
HIGH
Ps Ads Pro <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23736
HIGH
Form To JSON <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23731
HIGH
infosoftplugin Tax Report for WooCommerce - XSS
CVSS 7.1
CVE-2025-23726
HIGH
ComparePress <= 2.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23721
HIGH
Mobigate <= 1.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities
45,256
Exploit Likelihood
High