CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,369 vulnerabilities with CWE-79
CVE-2024-56411
MEDIUM
PhpSpreadsheet <3.7.0, 2.3.5, 2.1.6, 1.29.7 - XSS
CVSS 5.4
CVE-2024-56410
MEDIUM
PhpSpreadsheet <3.7.0, 2.3.5, 2.1.6, 1.29.7 - XSS
CVSS 5.4
CVE-2024-56409
MEDIUM
PhpSpreadsheet <3.7.0, <2.3.5, <2.1.6, <1.29.7 - XSS
CVSS 5.4
CVE-2024-56366
MEDIUM
PhpSpreadsheet <3.7.0, <2.3.5, <2.1.6, <1.29.7 - XSS
CVSS 5.4
CVE-2024-56365
MEDIUM
PhpSpreadsheet <3.7.0, 2.3.5, 2.1.6, 1.29.7 - XSS
CVSS 5.4
CVE-2024-56408
MEDIUM
PhpSpreadsheet <3.7.0, 2.3.5, 2.1.6, 1.29.7 - XSS
CVSS 5.4
CVE-2024-48197
MEDIUM
Audiocodes MP-202b 4.4.3 - Cross-Site Scripting via Login Page
CVSS 4.7
CVE-2024-56199
MEDIUM
phpMyFAQ 3.2.10-4.0.2 - Stored Cross-Site Scripting in FAQ Editor
CVSS 5.2
CVE-2024-55541
MEDIUM
Acronis Cyber Protect < 16 build 39169 - Stored Cross-Site Scripting via postMessage Origin Validation Bypass
CVSS 6.1
CVE-2024-12907
MEDIUM
Kentico CMS 7 - Reflected Cross-Site Scripting via AccessDenied.aspx GET Parameter
CVE-2024-56268
MEDIUM
WP Hait Post Grid Elementor Addon <2.0.18 - XSS
CVSS 6.5
CVE-2024-56257
MEDIUM
CoolPlugins Coins MarketCap <5.5.8 - XSS
CVSS 6.5
CVE-2024-56014
HIGH
Markyis Cool Olivia <= 0.9.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56302
MEDIUM
ConvertCalculator for WordPress <= 1.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56267
HIGH
Fla-shop.com Interactive UK Map <3.4.8 - XSS
CVSS 7.1
CVE-2024-56263
MEDIUM
GS Shots for Dribbble <= 1.2.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-56262
MEDIUM
GS Coaches <= 1.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56261
MEDIUM
GS Plugins Project Showcase <1.1.1 - XSS
CVSS 6.5
CVE-2024-56260
MEDIUM
StorePlugin ShopElement <= 2.0.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56259
MEDIUM
GeoDirectory <= 2.3.84 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56258
MEDIUM
WPBlockArt Magazine Blocks <1.3.20 - XSS
CVSS 6.5
CVE-2024-56254
MEDIUM
Move Addons for Elementor <= 1.3.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56252
MEDIUM
themelooks Enter Addons <= 2.1.9 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56246
MEDIUM
POSIMYTH Nexter Blocks <4.0.4 - XSS
CVSS 6.5
CVE-2024-56245
MEDIUM
Leap13 Premium Blocks - Gutenberg Blocks for WordPress <2.1.42 - XSS
CVSS 6.5
Details
Vulnerabilities
45,369
Exploit Likelihood
High