CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,369 vulnerabilities with CWE-79
CVE-2024-12595 MEDIUM
AHAthat Plugin WordPress plugin < 1.6 - Reflected Cross-Site Scripting via REQUEST_URI Parameter
CVSS 4.7
CVE-2024-11357 MEDIUM
goodlayers-core < 2.0.10 - Authenticated Stored Cross-Site Scripting via Settings
CVSS 5.9
CVE-2024-11846 MEDIUM
Travel Tour < 5.2.4 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-56021 MEDIUM
ibnuyahya Category Post Shortcode <2.4 - XSS
CVSS 6.5
CVE-2024-56020 MEDIUM
SvegliaT Buttons <= 1.3.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56063 MEDIUM
Essential Addons for Elementor <= 6.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56062 MEDIUM
Royal Elementor Addons <= 1.3.987 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-13083 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13082 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13081 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13080 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13077 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13076 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13075 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13074 LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-56265 HIGH
WooCommerce PDF Vouchers < 4.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56256 MEDIUM
Andy Fragen Embed PDF Viewer <2.3.1 - XSS
CVSS 5.9
CVE-2024-56235 MEDIUM
Coupon Plugin <= 1.2.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-56233 HIGH
Kinhelios Kintpv Wooconnect <8.129 - XSS
CVSS 7.1
CVE-2024-56231 MEDIUM
Debuggers Studio SaasPricing <1.1.4 - XSS
CVSS 6.5
CVE-2024-56228 HIGH
Wishlist for WooCommerce < 3.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56226 HIGH
Royal Elementor Addons <= 1.7.1001 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56224 MEDIUM
Ledenbeheer <= 2.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56223 HIGH
Fahad Mahmood Gulri Slider <3.5.8 - XSS
CVSS 7.1
CVE-2024-56221 MEDIUM
WPMozo Addons Lite for Elementor <= 1.2.0 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities 45,369
Exploit Likelihood High