CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-23894
HIGH
Tatsuya Fukata, Alexander Ovsov wp-flickr-press <2.6.4 - XSS
CVSS 7.1
CVE-2025-23836
HIGH
SuryaBhan Custom Coming Soon <2.2 - XSS
CVSS 7.1
CVE-2025-23835
HIGH
Legal + < 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23834
HIGH
NotFound Links/Problem Reporter <2.6.0 - XSS
CVSS 7.1
CVE-2025-23733
HIGH
sayocode SC Simple Zazzle <1.1.6 - XSS
CVSS 7.1
CVE-2025-23730
HIGH
NotFound FLX Dashboard Groups <0.0.8 - XSS
CVSS 7.1
CVE-2025-23729
HIGH
XTRA Settings <= 2.1.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23727
HIGH
AZ Content Finder <= 0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23725
HIGH
TaskMeister Accessibility Task Manager <1.2.1 - XSS
CVSS 7.1
CVE-2025-23724
HIGH
University Quizzes Online <1.4 - XSS
CVSS 7.1
CVE-2025-23723
HIGH
Plestar Directory Listing <1.0 - XSS
CVSS 7.1
CVE-2025-23722
HIGH
Mind3doM RyeBread Widgets <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23636
HIGH
Dimitar Atanasov My Favorite Car <1.0 - XSS
CVSS 7.1
CVE-2025-23634
HIGH
Youtube Video Grid <= 1.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23629
HIGH
Subhasis Laha Gallerio <1.0.1 - XSS
CVSS 7.1
CVE-2025-23628
HIGH
GeoDigs <= 3.4.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23626
HIGH
Kumihimo <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23624
HIGH
Alessandro Benoit WpDevTool <0.1.1 - XSS
CVSS 7.1
CVE-2025-23545
HIGH
Navnish Bhardwaj WP Social Broadcast - XSS
CVSS 7.1
CVE-2025-23544
HIGH
StatPressCN <= 1.9.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23541
HIGH
edmon Download, Downloads <= 1.4.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23540
HIGH
Mohsin Khan WP Front-end <2.1.0 - XSS
CVSS 7.1
CVE-2025-22264
HIGH
WP Query Creator <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24530
MEDIUM
phpMyAdmin 5.0.0-5.2.1 - Stored Cross-Site Scripting via Crafted Table or Database Name
CVSS 6.4
CVE-2025-24529
MEDIUM
phpMyAdmin 5.0.0-5.2.1 - Stored Cross-Site Scripting in Insert Tab
CVSS 6.4
Details
Vulnerabilities
45,293
Exploit Likelihood
High