CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,414 vulnerabilities with CWE-79
CVE-2024-52461 HIGH
Kinsta WordPress Hosting Infinite Slider <2.0.1 - XSS
CVSS 7.1
CVE-2024-52460 HIGH
AtaraPay WooCommerce Payment Gateway <2.0.13 - XSS
CVSS 7.1
CVE-2024-52459 HIGH
Chameleoni Jobs <= 2.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52458 HIGH
Templines TM Islamic Helper <1.0.1 - XSS
CVSS 7.1
CVE-2024-52457 HIGH
Youneeq Recommendations <3.0.7 - XSS
CVSS 7.1
CVE-2024-52456 HIGH
WPoets Awesome Studio <= 2.4.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52455 HIGH
GoQSmile <= 1.0.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52454 HIGH
GoQMieruca <= 1.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-52453 HIGH
Jon Lorang Library Bookshelves <5.8 - XSS
CVSS 7.1
CVE-2024-52452 HIGH
eduNEXT Open edX LMS <= 2.6.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51900 MEDIUM
Richard K Miller What Would Seth Godin Do <2.1.1 - XSS
CVSS 5.9
CVE-2024-53752 MEDIUM
Berg Informatik Stripe Donation <1.2.5 - XSS
CVSS 6.5
CVE-2024-53749 MEDIUM
Plugin Devs Post Carousel Slider for Elementor <1.4.0 - XSS
CVSS 6.5
CVE-2024-53748 MEDIUM
WP Mermaid <= 1.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-53747 MEDIUM
NuttTaro Video Player for WPBakery <1.0.1 - XSS
CVSS 6.5
CVE-2024-53746 MEDIUM
FlickDevs Elementor Button Plus <1.3.3 - XSS
CVSS 6.5
CVE-2024-53745 MEDIUM
Cosmosfarm - Cross-Site Scripting
CVSS 6.5
CVE-2024-53744 MEDIUM
Skybootstrap Elementor Image Gallery Plugin <1.0.3 - XSS
CVSS 6.5
CVE-2024-53743 MEDIUM
FlickDevs Countdown Timer for Elementor <1.3.6 - XSS
CVSS 6.5
CVE-2024-53742 HIGH
Prism I.T. Systems Multilevel Referral Affiliate Plugin - XSS
CVSS 7.1
CVE-2024-53786 MEDIUM
Codeless Cowidgets - Elementor Addons <1.2.0 - XSS
CVSS 6.5
CVE-2024-53774 MEDIUM
Sparkle WP Sparkle Elementor Kit <2.0.9 - XSS
CVSS 6.5
CVE-2024-53773 MEDIUM
Znajd Prac z Praca.pl <= 2.2.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-53772 MEDIUM
PickPlugins Mail Picker <1.0.14 - XSS
CVSS 6.5
CVE-2024-53771 MEDIUM
SimpleSchema <= 1.7.6.9 - DOM-Based Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities 45,414
Exploit Likelihood High