CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,278 vulnerabilities with CWE-79
CVE-2025-23857
HIGH
NotFound Essential WP Real Estate <1.1.3 - XSS
CVSS 7.1
CVE-2025-23853
HIGH
michelem NoFollow Free <1.6.3 - XSS
CVSS 7.1
CVE-2025-23851
HIGH
Coronavirus Outbreak Data Widgets <1.1.1 - XSS
CVSS 7.1
CVE-2025-23790
HIGH
wassereimer Easy Code Placement <18.11 - XSS
CVSS 7.1
CVE-2025-23789
HIGH
URL Shortener | Conversion Tracking | AB Testing | WooCommerce <= 9.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23788
HIGH
Easy Filter <= 1.10 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23787
HIGH
Easy Bet <= 1.0.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23786
HIGH
DuoGeek Email to Download <3.1.0 - XSS
CVSS 7.1
CVE-2025-23751
HIGH
Think201 Data Dash <= 1.2.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23750
HIGH
devbunchuk Custom Widget Creator <1.0.5 - XSS
CVSS 7.1
CVE-2025-23748
HIGH
Singsys -Awesome Gallery <1.0. - XSS
CVSS 7.1
CVE-2025-23742
HIGH
Podamibe Twilio Private Call <1.0.1 - XSS
CVSS 7.1
CVE-2025-23658
HIGH
Tauhidul Alam Advanced Angular Contact Form <1.1.0 - XSS
CVSS 7.1
CVE-2025-23657
HIGH
WordPress-to-candidate for Salesforce CRM <1.0.1 - XSS
CVSS 7.1
CVE-2025-23655
HIGH
Contact Form 7 - Paystack Addon <1.2.3 - XSS
CVSS 7.1
CVE-2025-23653
HIGH
Form To Online Booking <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23652
HIGH
Add custom content after post <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23651
HIGH
Scroll Top <= 1.3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23650
HIGH
Tidy.ro <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23648
HIGH
AdsMiddle <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23647
HIGH
Ariagle WP-Clap <= 1.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23646
HIGH
Matt Brooks Library Instruction Recorder <1.1.4 - XSS
CVSS 7.1
CVE-2025-23598
HIGH
Recip.ly <= 1.1.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23571
HIGH
NotFound Internal Links Generator <3.51 - XSS
CVSS 7.1
CVE-2025-23568
HIGH
fredsted WP Login Attempt Log <1.3 - XSS
CVSS 7.1
Details
Vulnerabilities
45,278
Exploit Likelihood
High