CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-23868
MEDIUM
Chess Tempo Viewer <= 0.9.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23865
MEDIUM
Winning Portfolio <= 1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23864
MEDIUM
WP Code Snippets WCS QR Code Generator <1.0 - XSS
CVSS 6.5
CVE-2025-23863
MEDIUM
Rollover Tab <= 1.3.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23860
MEDIUM
Charity-thermometer <= 1.1.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23859
MEDIUM
Daily Proverb <= 2.0.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23856
MEDIUM
Alessandro Staniscia Simple Vertical Timeline - XSS
CVSS 6.5
CVE-2025-23854
MEDIUM
YesStreaming.com Shoutcast/Icecast <3.3 - XSS
CVSS 5.9
CVE-2025-23841
MEDIUM
Top Flash Embed <= 0.3.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23833
MEDIUM
RaminMT Links/Problem Reporter <2.6.0 - XSS
CVSS 6.5
CVE-2025-23831
MEDIUM
Rene Hermenau QR Code Generator <1.2.6 - XSS
CVSS 6.5
CVE-2025-23830
MEDIUM
Jobair JB Horizontal Scroller News Ticker - XSS
CVSS 6.5
CVE-2025-23828
HIGH
OriginalTips.com WordPress Data Guard - XSS
CVSS 7.1
CVE-2025-23827
HIGH
Strx Magic Floating Sidebar Maker <1.4.1 - XSS
CVSS 7.1
CVE-2025-23826
HIGH
Stop Comment Spam <= 0.5.3 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-23825
MEDIUM
Alex Thorpe Easy Shortcode Buttons <1.2 - XSS
CVSS 6.5
CVE-2025-23824
MEDIUM
FontAwesome.io ShortCodes <1.0 - XSS
CVSS 6.5
CVE-2025-23816
MEDIUM
Metaphor Widgets <= 2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23807
MEDIUM
Jimmy Hu Spiderpowa Embed PDF - XSS
CVSS 6.5
CVE-2025-23802
MEDIUM
WP-Revive Adserver <= 2.2.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23796
MEDIUM
Tushar Patel Easy Portfolio <1.3 - XSS
CVSS 6.5
CVE-2025-23795
MEDIUM
Gold Plugins Easy FAQs <3.2.1 - XSS
CVSS 6.5
CVE-2025-23794
MEDIUM
wp_amaps <= 1.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23791
MEDIUM
RocaPress Horizontal Line Shortcode <1.0 - XSS
CVSS 6.5
CVE-2025-23777
MEDIUM
Willows Consulting Ltd. GDPR Personal Data Reports <1.0.5 - XSS
CVSS 6.5
Details
Vulnerabilities
45,293
Exploit Likelihood
High