CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,371 vulnerabilities with CWE-79
CVE-2024-11905 MEDIUM
Animated Counters <= 2.0 - Authenticated Stored Cross-Site Scripting via Shortcode Attributes
CVSS 6.4
CVE-2024-11902 MEDIUM
Slope Widgets <= 4.2.12 - Authenticated Stored Cross-Site Scripting via slope-reservations Shortcode
CVSS 6.4
CVE-2024-11900 MEDIUM
Portfolio - Filterable Masonry Portfolio Gallery <= 1.2.2 - Stored XSS via Shortcode
CVSS 6.4
CVE-2024-55451 MEDIUM
UJCMS 9.6.3 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 4.8
CVE-2024-12443 MEDIUM
CRM Perks - WordPress HelpDesk Integration - Zendesk, Freshdesk, He...
CVSS 6.4
CVE-2024-55554 MEDIUM
Intrexx Portal Server <12.0.2 - XSS
CVSS 5.4
CVE-2024-37776 MEDIUM
Sunbird DCIM dcTrack 9.1.2 - Cross-Site Scripting in Admin Screens
CVSS 4.8
CVE-2024-55100 MEDIUM
Online Nurse Hiring System v1.0 - Stored Cross-Site Scripting via Fullname Parameter
CVSS 4.8
CVE-2024-12665 LOW
ruifang-tech Rebuild 3.8.5 - Stored Cross-Site Scripting in Task Comment Attachment Upload
CVSS 3.5
CVE-2024-12664 LOW
ruifang-tech Rebuild 3.8.5 - Stored Cross-Site Scripting in Project Task Comment Handler
CVSS 3.5
CVE-2024-54348 MEDIUM
YayCommerce Brand <= 1.1.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54257 HIGH
Molefed tydskrif < 1.1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54249 HIGH
Jules Colle Advanced Options Editor - XSS
CVSS 7.1
CVE-2024-56011 MEDIUM
Ilja Zaglov IMBAA GmbH Responsive Google Maps <1.2.5 - XSS
CVSS 6.5
CVE-2024-54443 MEDIUM
Pluginscafe Advanced Data Table For Elementor <1.0.0 - XSS
CVSS 6.5
CVE-2024-54442 MEDIUM
Better WP Login Page <= 1.1.2 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-54441 MEDIUM
Meini Utech World Time <= 1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54437 HIGH
jCarousel <= 1.0 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-54424 HIGH
Like in Vk.com <= 0.5.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-54422 HIGH
Evernote Sync <= 3.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54406 HIGH
Reza Moallemi Comments On Feed <1.2.1 - XSS
CVSS 7.1
CVE-2024-54403 HIGH
Ryan Scott Visual Recent Posts <1.2.3 - XSS
CVSS 7.1
CVE-2024-54395 HIGH
Becky Sanders Increase Sociability <1.3.0 - XSS
CVSS 7.1
CVE-2024-54390 HIGH
TagGator <= 1.54 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54387 HIGH
Jaytesh Barange Posts Date Ranges <2.2 - XSS
CVSS 7.1
Details
Vulnerabilities 45,371
Exploit Likelihood High