CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-24585
MEDIUM
N.O.U.S. Open Useful and Simple Event post <5.9.7 - XSS
CVSS 6.5
CVE-2025-24579
MEDIUM
Kyle Phillips Nested Pages <3.2.9 - XSS
CVSS 5.9
CVE-2025-24578
MEDIUM
ElementInvader Addons for Elementor <= 1.3.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-24575
MEDIUM
HelloAsso <= 1.1.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-24573
MEDIUM
PageLayer <= 1.9.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-24570
HIGH
Atarim <= 4.0.8 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-24547
MEDIUM
Matthias Wagner - FALKEmedia Caching Compatible Cookie Opt-In and J...
CVSS 6.5
CVE-2025-24542
MEDIUM
Icegram <= 3.1.31 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23889
HIGH
FooGallery Captions <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23888
HIGH
NotFound Custom Page Extensions <0.6 - XSS
CVSS 7.1
CVE-2025-23885
HIGH
MJ Contact us <= 5.2.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23839
HIGH
Sticky Button <= 1.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-23838
HIGH
Bauernregeln <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23837
HIGH
NotFound One Backend Language <1.0 - XSS
CVSS 7.1
CVE-2025-23737
HIGH
Network-Favorites <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23734
HIGH
Gigaom Sphinx <= 0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23711
HIGH
Quote me <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23622
HIGH
CBX Accounting & Bookkeeping <1.3.14 - XSS
CVSS 7.1
CVE-2025-23621
HIGH
NotFound Causes - Donation Plugin <1.0.01 - XSS
CVSS 7.1
CVE-2025-23522
HIGH
HM Portfolio <= 1.1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23427
HIGH
Redux Converter <= 1.1.3.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22714
HIGH
MDJM Event Management <1.7.5.5 - XSS
CVSS 7.1
CVE-2025-0314
HIGH
GitLab 17.2-17.6.3, 17.7-17.7.2, 17.8 - Cross-Site Scripting via File Rendering
CVSS 8.7
CVE-2025-23227
MEDIUM
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0-7.3.0.11 - Authenticated Stored Cross-Site Scripting
CVSS 6.4
CVE-2025-23960
HIGH
Save & Import Image from URL <= 0.7 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities
45,293
Exploit Likelihood
High