CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,371 vulnerabilities with CWE-79
CVE-2024-54345 MEDIUM
Bicycleshop <= 1.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-54344 HIGH
Fahad Mahmood WP Quick Shop <1.3.1 - XSS
CVSS 7.1
CVE-2024-54343 HIGH
Howard Ehrenberg Connect Contact Form 7 - XSS
CVSS 7.1
CVE-2024-54342 HIGH
STAGGS Staggs Product Configurator - XSS
CVSS 7.1
CVE-2024-54341 HIGH
LabelGrid Tools <= 1.3.58 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54340 HIGH
Sylvia van Os Simple Presenter <1.5.1 - XSS
CVSS 7.1
CVE-2024-54339 HIGH
geoFlickr <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54338 MEDIUM
Hello Event Widgets For Elementor <1.0.2 - XSS
CVSS 6.5
CVE-2024-54335 HIGH
ZebraSoft Monaco ImmoToolBox Connect <1.3.3 - XSS
CVSS 7.1
CVE-2024-54334 MEDIUM
Zeshan B Quran Phrases About Most People Shortcodes - XSS
CVSS 6.5
CVE-2024-54333 HIGH
silverplugins217 - WooCommerce <1.1 - XSS
CVSS 7.1
CVE-2024-54329 HIGH
Metup s.r.l. CleverNode <1.1.5 - XSS
CVSS 7.1
CVE-2024-54328 HIGH
Link Nacional Invoice Payment for WooCommerce <1.7.2 - XSS
CVSS 7.1
CVE-2024-54327 HIGH
UNIVERSAM < 8.59 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54325 HIGH
CarDealerPress <= 6.6.2410.02 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54324 HIGH
SMSify <= 6.0.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54322 HIGH
Ederson Peka Media Downloader <0.4.7.4 - XSS
CVSS 7.1
CVE-2024-54320 HIGH
ICDSoft Hosting ICDSoft Reseller Store <2.4.5 - XSS
CVSS 7.1
CVE-2024-54319 HIGH
MultiNet Interactive AB Kundgenerator <1.0.6 - XSS
CVSS 7.1
CVE-2024-54318 MEDIUM
NiceJob <= 3.6.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54317 MEDIUM
Google Web Stories <= 1.37.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54316 MEDIUM
NicheAddons Restaurant & Cafe Addon <1.5.8 - XSS
CVSS 6.5
CVE-2024-54315 MEDIUM
NicheAddons Events Addon <2.2.2 - XSS
CVSS 6.5
CVE-2024-54314 MEDIUM
NicheAddons Primary Addon for Elementor <1.6.0 - XSS
CVSS 6.5
CVE-2024-54312 HIGH
Persian Woocommerce SMS <7.0.5 - XSS
CVSS 7.1
Details
Vulnerabilities 45,371
Exploit Likelihood High