CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,414 vulnerabilities with CWE-79
CVE-2024-53741 MEDIUM
Garrett Grimm Simple Popup <4.6 - XSS
CVSS 6.5
CVE-2024-53740 HIGH
NotFound WooCommerce Ultimate Gift Card - Create, Sell and Manage G...
CVSS 7.1
CVE-2024-53721 MEDIUM
Stachethemes Advanced Event Manager <1.1.6 - XSS
CVSS 6.5
CVE-2024-53709 MEDIUM
bdevs Generic Elements <1.2.3 - XSS
CVSS 6.5
CVE-2024-52503 MEDIUM
Tailored Tools <= 1.8.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-52502 MEDIUM
ImbaChat <= 3.1.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-52494 MEDIUM
Matt Varone, Tim Berneman Dynamic "To Top" <3.5.2 - XSS
CVSS 5.9
CVE-2024-52493 MEDIUM
Meteor Slides <= 1.5.7 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-52492 MEDIUM
Gopi Ramasamy Image horizontal reel scroll slideshow <13.4 - XSS
CVSS 5.9
CVE-2024-52491 MEDIUM
Sanil Shakya Sticky Social Icons <1.2.1 - XSS
CVSS 5.9
CVE-2024-52489 MEDIUM
Udi Dollberg Add Chat App Button <2.1.5 - XSS
CVSS 5.9
CVE-2024-52487 MEDIUM
WebCodingPlace Ultimate Classified Listings <1.4 - XSS
CVSS 6.5
CVE-2024-52486 MEDIUM
SolverWP Elementor Portfolio Builder <1.0.0 - XSS
CVSS 6.5
CVE-2024-52484 HIGH
Wc Recently viewed products <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52483 HIGH
LeanPress <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52482 HIGH
Ortto <= 1.0.19 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52478 MEDIUM
Astoundify Jobify < 4.3.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-52469 HIGH
WooCommerce Price Alert <1.0.4 - XSS
CVSS 7.1
CVE-2024-52468 HIGH
LeadBoxer <= 1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52467 HIGH
August Infotech AI Responsive Gallery Album <1.4 - XSS
CVSS 7.1
CVE-2024-52466 HIGH
Explara Events <= 0.1.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52465 HIGH
Data443 LGPD Framework <= 2.0.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52464 HIGH
amr shortcodes <= 1.7 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52463 HIGH
Kat Hagan Post By Email <1.0.4b - XSS
CVSS 7.1
CVE-2024-52462 HIGH
WP e-Commerce Style Email <0.6.2 - XSS
CVSS 7.1
Details
Vulnerabilities 45,414
Exploit Likelihood High