CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,293 vulnerabilities with CWE-79
CVE-2025-22594 HIGH
Better User Shortcodes <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22539 HIGH
ka2 Custom DataBase Tables <2.1.34 - XSS
CVSS 7.1
CVE-2025-22521 HIGH
Scott Farrell wp Hosting Performance Check <2.18.8 - XSS
CVSS 7.1
CVE-2025-22361 HIGH
Opentracker Analytics <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22345 HIGH
TS Comfort DB <= 2.0.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22331 HIGH
Cf7Save Extension <= 1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22330 HIGH
MG Parallax Slider <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22313 HIGH
OTWthemes Widgetize Pages Light <3.0 - XSS
CVSS 7.1
CVE-2025-22307 HIGH
CodeAstrology Team Product Table for WooCommerce <3.5.6 - XSS
CVSS 7.1
CVE-2025-22295 HIGH
Tripetto WordPress form builder plugin < 8.0.6 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-0348 LOW
CampCodes DepEd Equipment Inventory System 1.0 - XSS
CVSS 3.5
CVE-2025-0342 LOW
CampCodes Computer Laboratory Management System 1.0 - XSS
CVSS 3.5
CVE-2025-0339 LOW
code-projects Online Bike Rental 1.0 - XSS
CVSS 3.5
CVE-2025-22143 MEDIUM
WeGIA < 3.2.8 - Reflected Cross-Site Scripting via listar_permissoes.php msg_e Parameter
CVSS 6.1
CVE-2025-22139 MEDIUM
WeGIA < 3.2.8 - Reflected Cross-Site Scripting via configuracao_geral.php msg_c Parameter
CVSS 6.1
CVE-2025-20123 MEDIUM
Cisco Crosswork Network Controller - XSS
CVSS 4.8
CVE-2025-21603 MEDIUM
PLANEX MZK-DP300N <= 1.05 - Authenticated Cross-Site Scripting
CVSS 4.8
CVE-2025-22132 HIGH
WeGIA < 3.2.7 - Stored Cross-Site Scripting via XLSX File Upload
CVSS 8.3
CVE-2025-0301 LOW
code-projects Online Book Shop 1.0 - XSS
CVSS 3.5
CVE-2025-22500 MEDIUM
Ali Ali Alpha Price Table For Elementor <1.0.8 - XSS
CVSS 6.5
CVE-2025-22365 MEDIUM
EMC2 Alert Boxes <= 1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22354 MEDIUM
Code Themes Digi Store <1.1.4 - XSS
CVSS 6.5
CVE-2025-22334 MEDIUM
Education LMS <= 0.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22296 MEDIUM
HashThemes Hash Elements <1.4.9 - XSS
CVSS 6.5
CVE-2025-22593 HIGH
Burria Laika Pedigree Tree <1.4 - XSS
CVSS 7.1
Details
Vulnerabilities 45,293
Exploit Likelihood High