CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,369 vulnerabilities with CWE-79
CVE-2024-56242 MEDIUM
Arconix Shortcodes <= 2.1.14 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56241 MEDIUM
WPKoi Templates for Elementor <3.1.3 - XSS
CVSS 6.5
CVE-2024-56240 MEDIUM
Pronamic Google Maps <= 2.3.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56239 MEDIUM
Themify Audio Dock <= 2.0.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56237 MEDIUM
Contest Gallery <= 24.0.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-56026 HIGH
Simple Proxy <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56025 HIGH
AdWork Media EZ Content Locker <3.0 - XSS
CVSS 7.1
CVE-2024-56024 HIGH
DuoGeek Custom Dashboard Widget <1.0.0 - XSS
CVSS 7.1
CVE-2024-56023 HIGH
Perfect Solution WP eCommerce Quickpay <1.1.0 - XSS
CVSS 7.1
CVE-2024-56022 HIGH
WordPress Monsters Preloader <1.2.3 - XSS
CVSS 7.1
CVE-2024-56018 HIGH
BU Section Editing <= 0.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56069 HIGH
Azzaroco WP SuperBackup <2.3.3 - XSS
CVSS 7.1
CVE-2024-56060 HIGH
HTML Forms <= 1.4.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56038 HIGH
SendSMS <= 1.2.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56037 HIGH
Md Maruf Adnan Sami User Referral <8.0 - XSS
CVSS 7.1
CVE-2024-56036 HIGH
Ondrej Donek odPhotogallery <0.5.4 - XSS
CVSS 7.1
CVE-2024-56035 HIGH
Kurt Payne Upload Scanner <1.2 - XSS
CVSS 7.1
CVE-2024-56034 HIGH
Irshad A.Khan Services updates for customers <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56033 HIGH
Think201 FAQs <= 1.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56032 HIGH
Foliovision FV Descriptions <1.4 - XSS
CVSS 7.1
CVE-2024-56030 HIGH
10CentMail <= 2.1.50 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56029 HIGH
Dreamwinner Easy Lang Switcher <1.0 - XSS
CVSS 7.1
CVE-2024-56028 HIGH
Lemonade Social Networks Autoposter Pinterest <2.0 - XSS
CVSS 7.1
CVE-2024-56027 HIGH
Leads CRM <= 2.0.13 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56019 MEDIUM
Gavin Rehkemper Inline Footnotes <2.3.0 - XSS
CVSS 6.5
Details
Vulnerabilities 45,369
Exploit Likelihood High