CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-23592
HIGH
dForms <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23589
HIGH
ContentOptin Lite <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23583
HIGH
Explara Membership <= 0.0.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23578
HIGH
NotFound Custom CSS Addons <1.9.1 - XSS
CVSS 7.1
CVE-2025-23548
HIGH
Bilal TAS Responsivity <0.0.7 - XSS
CVSS 7.1
CVE-2025-23535
HIGH
REAL WordPress Sidebar <= 0.1 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-23509
HIGH
HyperComments <= 0.9.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23507
HIGH
Blrt WP Embed <= 1.6.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23506
HIGH
WP IMAP Auth <= 4.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23503
HIGH
NotFound Customizable Captcha & Contact Us <1.0.2 - XSS
CVSS 7.1
CVE-2025-23500
HIGH
Simple Custom post type custom field <1.0.3 - XSS
CVSS 7.1
CVE-2025-23498
HIGH
Translation.Pro <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23495
HIGH
WooCommerce Order Search <1.1.0 - XSS
CVSS 7.1
CVE-2025-23475
HIGH
History timeline < 0.7.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23462
HIGH
FWD Slider <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23449
HIGH
Simple shortcode buttons <= 1.3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22772
HIGH
Mapbox for WP Advanced <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24459
MEDIUM
JetBrains TeamCity < 2024.12.1 - Reflected Cross-Site Scripting on Vault Connection Page
CVSS 4.6
CVE-2025-23994
HIGH
Estatebud - Properties & Listings <5.5.0 - XSS
CVSS 7.1
CVE-2025-23580
HIGH
Matthew BizLibrary <= 1.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23551
HIGH
SexBundle <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23489
HIGH
WP-Announcements <= 1.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23461
HIGH
Andrea Dotta, Jacopo Campani, di xkoll.com Social2Blog <0.2.990 - XSS
CVSS 7.1
CVE-2025-23454
HIGH
flashmaniac Nature FlipBook <1.7 - XSS
CVSS 7.1
CVE-2025-22661
MEDIUM
Online Payments - Get Paid with PayPal, Square & Stripe <= 3.20.0 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,293
Exploit Likelihood
High