CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-23936
MEDIUM
CC Circle Progress Bar <= 1.0.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23935
MEDIUM
Magic Google Maps <= 1.0.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23934
MEDIUM
Giveaways and Contests by PromoSimple <= 1.24 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23933
MEDIUM
WpFreeware WpF Ultimate Carousel <1.0.11 - XSS
CVSS 6.5
CVE-2025-23928
MEDIUM
Aleksandar Arsovski Google Org Chart <1.0.1 - XSS
CVSS 6.5
CVE-2025-23927
MEDIUM
Massimo Serpilli Incredible Font Awesome - XSS
CVSS 6.5
CVE-2025-23926
MEDIUM
TC Ajax WP Query Search Filter <1.0.8 - XSS
CVSS 6.5
CVE-2025-23925
MEDIUM
Feedburner Optin Form <= 0.2.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23924
MEDIUM
WP Photo Sphere <= 3.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23909
MEDIUM
Common Ninja Compare Ninja <2.1.0 - XSS
CVSS 6.5
CVE-2025-23908
MEDIUM
Pastebin <= 1.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23907
MEDIUM
SOCIAL.NINJA <= 0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23899
MEDIUM
Bookalet <= 1.0.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23897
MEDIUM
ApplyMetrics Apply - LinkedIn Buttons <2.3 - XSS
CVSS 6.5
CVE-2025-23896
MEDIUM
Oncle Tom Mindmeister Shortcode <1.0 - XSS
CVSS 6.5
CVE-2025-23893
MEDIUM
GMap Shortcode <= 2.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-23892
MEDIUM
Progress Tracker <= 0.9.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-23891
MEDIUM
Vincent Loy Yet Another Countdown <1.0.1 - XSS
CVSS 6.5
CVE-2025-23890
MEDIUM
Tom Ewer & Tito Pandu Easy Tweet Embed <1.7 - XSS
CVSS 6.5
CVE-2025-23887
MEDIUM
Scott Allan Wallick Blog Summary <0.1.2β - XSS
CVSS 6.5
CVE-2025-23886
MEDIUM
Annie <= 2.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23878
MEDIUM
Scott Reilly Post-to-Post Links <4.2 - XSS
CVSS 5.9
CVE-2025-23877
MEDIUM
Nite Shortcodes <= 1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23876
MEDIUM
WP krpano <= 1.2.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23873
MEDIUM
Anshi Solutions Category D3 Tree - XSS
CVSS 6.5
Details
Vulnerabilities
45,293
Exploit Likelihood
High