CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,371 vulnerabilities with CWE-79
CVE-2024-54308 MEDIUM
CurrencyRate.today Cryptocurrency Price Widget <1.2.3 - XSS
CVSS 5.9
CVE-2024-54305 HIGH
woocs J&T Express Malaysia <2.0.13 - XSS
CVSS 7.1
CVE-2024-54303 HIGH
Ido Kobelkowsky/yalla ya! Simple Payment <2.3.7 - XSS
CVSS 7.1
CVE-2024-54302 HIGH
VForm < 3.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54301 HIGH
FormFacade <= 1.3.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54299 HIGH
Revi.io <= 5.7.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54290 HIGH
Justin Fletcher Role Includer <1.6 - XSS
CVSS 7.1
CVE-2024-54288 HIGH
LDD Directory Lite <= 3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54287 MEDIUM
Best Wp Developer Advanced Blog Post Block <1.0.4 - XSS
CVSS 6.5
CVE-2024-54286 MEDIUM
Sendsmaily LLC Smaily for WP <3.1.2 - XSS
CVSS 6.5
CVE-2024-54277 MEDIUM
Alireza aliniya Nias course <1.2.1 - XSS
CVSS 6.5
CVE-2024-54276 MEDIUM
Felix Moira Poll Builder <1.3.5 - XSS
CVSS 6.5
CVE-2024-54275 HIGH
CSV to html <= 3.08 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54274 HIGH
Octrace Studio WordPress HelpDesk & Support Ticket System Plugin - XSS
CVSS 7.1
CVE-2024-54272 MEDIUM
RadiusTheme Radius Blocks - WordPress Gutenberg Blocks <2.1.2 - XSS
CVSS 6.5
CVE-2024-54266 HIGH
ImageRecycle pdf & image compression <3.1.16 - XSS
CVSS 7.1
CVE-2024-54265 HIGH
UkrSolution Barcode Scanner <1.6.6 - XSS
CVSS 7.1
CVE-2024-54264 HIGH
Shortcodes Blocks Creator Ultimate <2.2.0 - XSS
CVSS 7.1
CVE-2024-54250 MEDIUM
Prodigy Commerce <= 3.0.8 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-54246 MEDIUM
Think201 FAQs <= 1.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54245 MEDIUM
Think201 Clients <= 1.1.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54244 MEDIUM
Easy Replace <= 1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54243 MEDIUM
Echoza <= 0.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54240 HIGH
Blaze Online eParcel for WooCommerce <= 1.3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54238 HIGH
Colin Tomele Board Document Manager <1.9.1 - XSS
CVSS 7.1
Details
Vulnerabilities 45,371
Exploit Likelihood High