CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,256 vulnerabilities with CWE-79
CVE-2025-23718
HIGH
Mancx AskMe Widget <= 0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23716
HIGH
Login Watchdog <= 1.0.4 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-23688
HIGH
Cobwebo URL Plugin <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23670
HIGH
4 author cheer up donate < 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23668
HIGH
ChatGPT Open AI Images & Content for WooCommerce <2.2.0 - XSS
CVSS 7.1
CVE-2025-23663
HIGH
Contexto <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23637
HIGH
WordPress <= 1.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23635
HIGH
mobde3net ePermissions <= 1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23619
HIGH
Catch Duplicate Switcher <2.0 - XSS
CVSS 7.1
CVE-2025-23616
HIGH
Canalplan <= 5.31 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23600
HIGH
pinal.shah Send to a Friend Addon <1.4.1 - XSS
CVSS 7.1
CVE-2025-23595
HIGH
Page Health-O-Meter <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23587
HIGH
NotFound all-in-one-box-login <2.0.1 - XSS
CVSS 7.1
CVE-2025-23586
HIGH
WP Post Category Notifications <1.0 - XSS
CVSS 7.1
CVE-2025-23585
HIGH
CantonBolo Goo.gl Url Shorter <1.0.1 - XSS
CVSS 7.1
CVE-2025-23584
HIGH
Pin Locations on Map <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23579
MEDIUM
DZS Ajaxer Lite <= 1.04 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23576
HIGH
WP Intro.JS <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23575
HIGH
DX Sales CRM <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23570
HIGH
WP Social Links <= 0.3.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23565
HIGH
Wibstats <= 0.5.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23564
HIGH
mohsenshahbazi WP FixTag <v2.0.2 - XSS
CVSS 7.1
CVE-2025-23563
HIGH
Explore pages <= 1.01 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23556
HIGH
Push Envoy Notifications <1.0.0 - XSS
CVSS 7.1
CVE-2025-23555
HIGH
Ui Slider Filter By Price <1.1 - XSS
CVSS 7.1
Details
Vulnerabilities
45,256
Exploit Likelihood
High