CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,293 vulnerabilities with CWE-79
CVE-2025-23775
MEDIUM
WWP GMAPS for WPBakery Page Builder Free - XSS
CVSS 6.5
CVE-2025-23772
MEDIUM
imaGenius <= 1.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23760
HIGH
Chatter < 1.0.1 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-23783
MEDIUM
Greek Namedays Widget From Eortologio.Net <20191113 - XSS
CVSS 6.5
CVE-2025-23767
MEDIUM
Revolutionart Marmoset Viewer <1.9.3 - XSS
CVSS 6.5
CVE-2025-23699
HIGH
TechMix Event Countdown Timer Plugin <1.4 - XSS
CVSS 7.1
CVE-2025-23689
HIGH
Poco Blogger Image Import <n/a - XSS
CVSS 7.1
CVE-2025-23644
MEDIUM
QuoteMedia Tools <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-23642
MEDIUM
Sidebar-Content from Shortcode <= 2.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2025-23641
MEDIUM
Powie's pLinks PagePeeker <1.0.2 - XSS
CVSS 6.5
CVE-2025-23623
HIGH
Mahesh Bisen Contact Form 7 - CCAvenue Addon <1.0 - XSS
CVSS 7.1
CVE-2025-23620
HIGH
Captchelfie - Captcha by Selfie <1.0.8 - XSS
CVSS 7.1
CVE-2025-23547
HIGH
Peter Shaw LH Login Page <2.14 - XSS
CVSS 7.1
CVE-2025-23453
HIGH
Myriad Solutionz Stars SMTP Mailer <1.7 - XSS
CVSS 7.1
CVE-2025-23452
HIGH
EditionGuard for WooCommerce - eBook Sales with DRM <= 3.4.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23444
MEDIUM
Scroll Top Advanced <= 2.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-23438
HIGH
MarvinLabs WP PT-Viewer <2.0.2 - XSS
CVSS 7.1
CVE-2025-23434
MEDIUM
Albertolabs.com Easy EU Cookie law <1.3.3.1 - XSS
CVSS 6.5
CVE-2025-23432
HIGH
AlT Report <= 1.12.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-23429
HIGH
Altima Lookbook Free for WooCommerce <1.1.0 - XSS
CVSS 7.1
CVE-2025-0170
MEDIUM
DWT Directory & Listing WordPress Theme <3.3.3 - XSS
CVSS 6.1
CVE-2025-0215
MEDIUM
UpdraftPlus: WP Backup & Migration Plugin <1.24.12 - XSS
CVSS 6.1
CVE-2025-0485
LOW
native-php-cms 1.0 - Cross-Site Scripting via info Parameter in sysconfig_doedit.php
CVSS 3.5
CVE-2025-0483
LOW
native-php-cms 1.0 - Cross-Site Scripting via /fladmin/jump.php Message/Error Parameter
CVSS 3.5
CVE-2025-22798
MEDIUM
CHR Designer Responsive jQuery Slider - XSS
CVSS 6.5
Details
Vulnerabilities
45,293
Exploit Likelihood
High