CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,417 vulnerabilities with CWE-79
CVE-2024-51901 MEDIUM
Smooth Maps <= 1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51899 MEDIUM
SEO Themes Simple Pricing Table - XSS
CVSS 6.5
CVE-2024-51898 MEDIUM
Sachin Jadhav Semantic Shortcode <1.0.1 - XSS
CVSS 6.5
CVE-2024-51897 MEDIUM
Erik Saulnier News Articles <1.0.0 - XSS
CVSS 6.5
CVE-2024-51896 MEDIUM
Magic Slider <= 1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51895 MEDIUM
Minical Hotel Booking Plugin <1.0.2 - XSS
CVSS 6.5
CVE-2024-51894 MEDIUM
Reyzua Topbar ID for Elementor <1.0.1 - XSS
CVSS 6.5
CVE-2024-51893 MEDIUM
Postify: Post Layout For Elementor <= 1.0.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51892 MEDIUM
naa986 Sell Media File with Stripe <1.0.6 - XSS
CVSS 6.5
CVE-2024-51891 MEDIUM
4B Systems sp. z o.o Official SalesWizard CRM Plugin <1.0.2 - XSS
CVSS 6.5
CVE-2024-51890 MEDIUM
geoWP Geoportail Shortcode <2.4.4 - XSS
CVSS 6.5
CVE-2024-51889 MEDIUM
GeroNikolov Fancy User List <3.1 - XSS
CVSS 6.5
CVE-2024-51887 MEDIUM
NV Slider <= 1.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51886 MEDIUM
Takashi Matsuyama Posts Filter <1.3.1 - XSS
CVSS 6.5
CVE-2024-51885 MEDIUM
Takashi Matsuyama Browsing History <1.3.1 - XSS
CVSS 6.5
CVE-2024-51884 MEDIUM
Takashi Matsuyama Posts Search <1.2.2. - XSS
CVSS 6.5
CVE-2024-51883 MEDIUM
I Plant A Tree <= 1.7.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51881 MEDIUM
Be Shortcodes <= 1.0.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51880 MEDIUM
BeBetter Hotels BeBetter Social Icons <2.7 - XSS
CVSS 6.5
CVE-2024-51879 MEDIUM
Arash Heidari Text Advertisements <2.1 - XSS
CVSS 6.5
CVE-2024-51878 MEDIUM
Joey Straile AchillesTheme-shortcodes - XSS
CVSS 6.5
CVE-2024-51877 MEDIUM
SV Forms <= 2.0.05 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51876 MEDIUM
Codstack Team wp_automatic_widget <1.0.2 - XSS
CVSS 6.5
CVE-2024-51875 MEDIUM
MDC YouTube Downloader <3.0.0 - XSS
CVSS 6.5
CVE-2024-51874 MEDIUM
ParOne Feeds <= 1.17.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities 45,417
Exploit Likelihood High