CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,423 vulnerabilities with CWE-79
CVE-2024-51879 MEDIUM
Arash Heidari Text Advertisements <2.1 - XSS
CVSS 6.5
CVE-2024-51878 MEDIUM
Joey Straile AchillesTheme-shortcodes - XSS
CVSS 6.5
CVE-2024-51877 MEDIUM
SV Forms <= 2.0.05 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51876 MEDIUM
Codstack Team wp_automatic_widget <1.0.2 - XSS
CVSS 6.5
CVE-2024-51875 MEDIUM
MDC YouTube Downloader <3.0.0 - XSS
CVSS 6.5
CVE-2024-51874 MEDIUM
ParOne Feeds <= 1.17.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51873 MEDIUM
matorel Multi-day Booking Calendar <1.0.1 - XSS
CVSS 6.5
CVE-2024-51872 MEDIUM
Luzuk Testimonials <= 0.0.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51871 MEDIUM
Luzuk Team <= 0.1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51870 MEDIUM
Ultimate Flipbox Addon for Elementor <0.4 - XSS
CVSS 6.5
CVE-2024-51869 MEDIUM
Best WP Developer Gutenium Blocks <1.1.5 - XSS
CVSS 6.5
CVE-2024-51868 MEDIUM
DuoGeek Blocks <= 0.1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51867 MEDIUM
Simpul Events by Esotech <= 1.8.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51866 MEDIUM
Mr. Riponshah Social button <1.3 - XSS
CVSS 6.5
CVE-2024-51865 MEDIUM
N.O.U.S. Open Useful and Simple Simple Social Share Block <1.0.0 - XSS
CVSS 6.5
CVE-2024-51864 MEDIUM
Agnel Waghela Shortcode Collection <1.4 - XSS
CVSS 6.5
CVE-2024-51863 MEDIUM
Team Profit-Funnels PF Timer <1.0.0 - XSS
CVSS 6.5
CVE-2024-51862 MEDIUM
Google Visualization Charts <0.1 - XSS
CVSS 6.5
CVE-2024-51861 MEDIUM
EventPress <= 1.0.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51860 MEDIUM
DuoGeek Custom Dashboard Widget <1.0.0 - XSS
CVSS 6.5
CVE-2024-51859 MEDIUM
Bamboo Enquiries <= 1.9.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51858 MEDIUM
Social Locker <= 1.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51857 MEDIUM
Olympus Shortcodes <= 1.0.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51856 MEDIUM
Moose Elementor Kit <= 1.0.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-51855 MEDIUM
Productineer Redirecter <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities 45,423
Exploit Likelihood High