CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,256 vulnerabilities with CWE-79
CVE-2025-23553 HIGH
David Cramer Userbase Access Control <1.0 - XSS
CVSS 7.1
CVE-2025-23552 HIGH
Texteller <= 1.3.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23549 HIGH
Maniac SEO <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23539 HIGH
NotFound Awesome Hooks <1.0.1 - XSS
CVSS 7.1
CVE-2025-23538 HIGH
WP Contest <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23536 HIGH
Track Page Scroll <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23526 HIGH
Swift Calendar Online Appointment Scheduling <1.3.3 - XSS
CVSS 7.1
CVE-2025-23524 HIGH
ClickBank Storefront <= 1.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23521 HIGH
Goodlayers Blocks <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23520 HIGH
SecureSubmit Heartland Management Terminal <1.3.0 - XSS
CVSS 7.1
CVE-2025-23519 HIGH
G Web Pro Store Locator <2.0.1 - XSS
CVSS 7.1
CVE-2025-23518 HIGH
GoogleMapper <= 2.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23517 HIGH
Google Map on Post/Page <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23516 HIGH
NotFound Sale with Razorpay <1.0 - XSS
CVSS 7.1
CVE-2025-23505 HIGH
Pit Login Welcome <= 1.1.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23496 HIGH
WP FPO <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23494 HIGH
Quizzin <= 1.01.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23493 HIGH
Google Transliteration <1.7.2 - XSS
CVSS 7.1
CVE-2025-23490 HIGH
NotFound Browser-Update-Notify <0.2.1 - XSS
CVSS 7.1
CVE-2025-23488 HIGH
rng-refresh <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23487 HIGH
Easy Gallery <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23485 HIGH
RS Survey <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23484 HIGH
Cojecto Predict When <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23482 HIGH
azurecurve Floating Featured Image <2.2.0 - XSS
CVSS 7.1
CVE-2025-23481 HIGH
Ni WooCommerce Sales Report Email <3.1.4 - XSS
CVSS 7.1
Details
Vulnerabilities 45,256
Exploit Likelihood High