CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,417 vulnerabilities with CWE-79
CVE-2024-10872
MEDIUM
Getwid - Gutenberg Blocks <= 2.0.12 - Authenticated Stored Cross-Site Scripting via Template Post Custom Field Block
CVSS 6.4
CVE-2024-10891
MEDIUM
Save as PDF Plugin by PDFCrowd <= 4.2.1 - Authenticated Stored Cross-Site Scripting via Shortcode Attributes
CVSS 6.4
CVE-2024-9239
MEDIUM
Booster for WooCommerce <= 7.2.3 - Unauthenticated Reflected Cross-Site Scripting via add_query_arg and remove_query_arg
CVSS 6.1
CVE-2024-8726
MEDIUM
MailChimp Forms by MailMunch <3.2.3 - XSS
CVSS 6.1
CVE-2024-11277
MEDIUM
404 Solution < 2.35.19 - Unauthenticated Reflected Cross-Site Scripting via URL
CVSS 6.1
CVE-2024-9653
MEDIUM
Restaurant Menu - Food Ordering System <= 2.4.2 - Reflected XSS via Action Parameter
CVSS 6.1
CVE-2024-10515
LOW
SEO Plugin by Squirrly SEO < 12.3.21 - Stored Cross-Site Scripting
CVSS 3.5
CVE-2024-11278
MEDIUM
GD bbPress Attachments <4.7.2 - XSS
CVSS 6.1
CVE-2024-44309
MEDIUM
KEV
Debian Linux < 18.1.1 - XSS
CVSS 6.3
CVE-2024-52595
HIGH
lxml_html_clean < 0.4.0 - Cross-Site Scripting via Improper Context-Switching Tag Handling
CVSS 7.7
CVE-2024-30424
MEDIUM
Beaver Builder Addons by WPZOOM <= 1.3.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-11400
MEDIUM
HUSKY - Products Filter Professional - XSS
CVSS 6.1
CVE-2024-52763
MEDIUM
ganglia-web 3.7.3-3.7.5 - Cross-Site Scripting via graph_all_periods.php g Parameter
CVSS 5.4
CVE-2024-52762
MEDIUM
ganglia-web 3.73-3.76 - Cross-Site Scripting via tz Parameter in header.php
CVSS 5.4
CVE-2024-50430
MEDIUM
Beaver Builder <= 2.8.3.7 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-51938
MEDIUM
NicheAddons Charity Addon <1.3.2 - XSS
CVSS 6.5
CVE-2024-51937
MEDIUM
IA Map Analytics Basic <= 20170413 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51936
MEDIUM
Henry ESB Testimonials <1.0.0 - XSS
CVSS 6.5
CVE-2024-51935
MEDIUM
Sam Perrow Fast Video & Image Display <2.5.2 - XSS
CVSS 6.5
CVE-2024-51934
MEDIUM
Ekiline Block Collection <1.0.5 - XSS
CVSS 6.5
CVE-2024-51933
MEDIUM
Cookie Nonsense for YT <1.2.0 - XSS
CVSS 6.5
CVE-2024-51932
MEDIUM
Saif Bin-Alam Kings Tab Slider - XSS
CVSS 6.5
CVE-2024-51931
MEDIUM
AzonBox <= 1.1.2 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51930
MEDIUM
Jie Wang Custom URL Shortener <0.3.6 - XSS
CVSS 6.5
CVE-2024-51929
MEDIUM
Phil Spectrum Icon Widget <1.1.0 - XSS
CVSS 6.5
Details
Vulnerabilities
45,417
Exploit Likelihood
High