CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,369 vulnerabilities with CWE-79
CVE-2024-12595
MEDIUM
AHAthat Plugin WordPress plugin < 1.6 - Reflected Cross-Site Scripting via REQUEST_URI Parameter
CVSS 4.7
CVE-2024-11357
MEDIUM
goodlayers-core < 2.0.10 - Authenticated Stored Cross-Site Scripting via Settings
CVSS 5.9
CVE-2024-11846
MEDIUM
Travel Tour < 5.2.4 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-56021
MEDIUM
ibnuyahya Category Post Shortcode <2.4 - XSS
CVSS 6.5
CVE-2024-56020
MEDIUM
SvegliaT Buttons <= 1.3.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56063
MEDIUM
Essential Addons for Elementor <= 6.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56062
MEDIUM
Royal Elementor Addons <= 1.3.987 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-13083
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13082
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13081
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13080
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13077
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13076
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13075
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-13074
LOW
PHPGurukul Land Record System 1.0 - XSS
CVSS 3.5
CVE-2024-56265
HIGH
WooCommerce PDF Vouchers < 4.9.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56256
MEDIUM
Andy Fragen Embed PDF Viewer <2.3.1 - XSS
CVSS 5.9
CVE-2024-56235
MEDIUM
Coupon Plugin <= 1.2.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-56233
HIGH
Kinhelios Kintpv Wooconnect <8.129 - XSS
CVSS 7.1
CVE-2024-56231
MEDIUM
Debuggers Studio SaasPricing <1.1.4 - XSS
CVSS 6.5
CVE-2024-56228
HIGH
Wishlist for WooCommerce < 3.1.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56226
HIGH
Royal Elementor Addons <= 1.7.1001 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56224
MEDIUM
Ledenbeheer <= 2.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-56223
HIGH
Fahad Mahmood Gulri Slider <3.5.8 - XSS
CVSS 7.1
CVE-2024-56221
MEDIUM
WPMozo Addons Lite for Elementor <= 1.2.0 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,369
Exploit Likelihood
High