CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,293 vulnerabilities with CWE-79
CVE-2025-22525 MEDIUM
bharatkambariya Donation Block For PayPal <2.2.0 - XSS
CVSS 6.5
CVE-2025-22524 MEDIUM
instaform.ir - Stored XSS
CVSS 6.5
CVE-2025-22522 HIGH
SingSong <= 1.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-22518 MEDIUM
KentoThemes Justified Image Gallery <1.0 - XSS
CVSS 6.5
CVE-2025-22517 MEDIUM
List Pages at Depth <= 1.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22516 MEDIUM
Hitesh Patel Metadata SEO <2.3 - XSS
CVSS 6.5
CVE-2025-22515 MEDIUM
Simon Chuang Show Google Analytics <1.5.4 - XSS
CVSS 6.5
CVE-2025-22511 MEDIUM
Ella van Durpe Slides & Presentations <0.0.40 - XSS
CVSS 6.5
CVE-2025-22338 HIGH
WP-tagMaker <= 0.2.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22335 HIGH
Opencart Product in WP <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22294 HIGH
Gravity Master Custom Field For WP Job Manager <1.3 - XSS
CVSS 7.1
CVE-2025-0295 LOW
code-projects Online Book Shop 1.0 - XSS
CVSS 3.5
CVE-2025-22362 MEDIUM
Powerfusion WPAchievements Free - XSS
CVSS 6.5
CVE-2025-22359 HIGH
SyncFields <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22358 HIGH
Wp advertising management <= 1.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22357 HIGH
Simple Plugins Target Notifications <1.1.1 - XSS
CVSS 7.1
CVE-2025-22355 HIGH
kiKx Kikx Simple Post Author Filter <1.0 - XSS
CVSS 7.1
CVE-2025-22353 HIGH
BVD Easy Gallery Manager <1.0.7 - XSS
CVSS 7.1
CVE-2025-22339 MEDIUM
aThemeArt Store Commerce <1.2.3 - XSS
CVSS 6.5
CVE-2025-22333 MEDIUM
Piotnet Addons For Elementor <2.4.31 - XSS
CVSS 6.5
CVE-2025-22327 MEDIUM
Olaf Lederer EO4WP <= 1.0.8.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2025-22326 HIGH
5centsCDN <= 25.4.15 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22324 HIGH
OZ Canonical <= 0.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-22323 MEDIUM
Jewel Theme Image Hover Effects <1.0.2.3 - XSS
CVSS 6.5
CVE-2025-22321 MEDIUM
ElementsCSS Addons for Elementor <1.0.8.7 - XSS
CVSS 6.5
Details
Vulnerabilities 45,293
Exploit Likelihood High