CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,390 vulnerabilities with CWE-79
CVE-2024-54290
HIGH
Justin Fletcher Role Includer <1.6 - XSS
CVSS 7.1
CVE-2024-54288
HIGH
LDD Directory Lite <= 3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54287
MEDIUM
Best Wp Developer Advanced Blog Post Block <1.0.4 - XSS
CVSS 6.5
CVE-2024-54286
MEDIUM
Sendsmaily LLC Smaily for WP <3.1.2 - XSS
CVSS 6.5
CVE-2024-54277
MEDIUM
Alireza aliniya Nias course <1.2.1 - XSS
CVSS 6.5
CVE-2024-54276
MEDIUM
Felix Moira Poll Builder <1.3.5 - XSS
CVSS 6.5
CVE-2024-54275
HIGH
CSV to html <= 3.08 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54274
HIGH
Octrace Studio WordPress HelpDesk & Support Ticket System Plugin - XSS
CVSS 7.1
CVE-2024-54272
MEDIUM
RadiusTheme Radius Blocks - WordPress Gutenberg Blocks <2.1.2 - XSS
CVSS 6.5
CVE-2024-54266
HIGH
ImageRecycle pdf & image compression <3.1.16 - XSS
CVSS 7.1
CVE-2024-54265
HIGH
UkrSolution Barcode Scanner <1.6.6 - XSS
CVSS 7.1
CVE-2024-54264
HIGH
Shortcodes Blocks Creator Ultimate <2.2.0 - XSS
CVSS 7.1
CVE-2024-54250
MEDIUM
Prodigy Commerce <= 3.0.8 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-54246
MEDIUM
Think201 FAQs <= 1.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54245
MEDIUM
Think201 Clients <= 1.1.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54244
MEDIUM
Easy Replace <= 1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54243
MEDIUM
Echoza <= 0.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-54240
HIGH
Blaze Online eParcel for WooCommerce <= 1.3.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54238
HIGH
Colin Tomele Board Document Manager <1.9.1 - XSS
CVSS 7.1
CVE-2024-54237
HIGH
Ni CRM Lead <= 1.3.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-54236
HIGH
ania Ni WooCommerce Bulk Product Editor <1.4.5 - XSS
CVSS 7.1
CVE-2024-54235
HIGH
Shiptimize for WooCommerce <3.1.86 - XSS
CVSS 7.1
CVE-2024-54233
HIGH
Enea Overclokk Advanced Control Manager - XSS
CVSS 7.1
CVE-2024-54231
HIGH
ania Ni WooCommerce Order Export <3.1.6 - XSS
CVSS 7.1
CVE-2024-11986
CRITICAL
CrushFTP 10.0.0 through 10.8.2 and 11.0.0 through 11.2.1 - Stored XSS via Host Header
CVSS 9.6
Details
Vulnerabilities
45,390
Exploit Likelihood
High