CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,423 vulnerabilities with CWE-79
CVE-2024-51796 MEDIUM
WPManageNinja Trendy Restaurant Menu <1.0.0 - XSS
CVSS 6.5
CVE-2024-51795 MEDIUM
ByteLabX Pdf Embedder Fay <1.10.1 - XSS
CVSS 6.5
CVE-2024-51794 MEDIUM
Storely <= 14.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51617 MEDIUM
Clyp <= 1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50556 MEDIUM
WM Zoom <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50554 MEDIUM
Sided <= 1.4.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50553 MEDIUM
Classy Addons for Elementor <1.2.7 - XSS
CVSS 6.5
CVE-2024-50552 MEDIUM
Jason Pancake Hover Video Preview <1.0.2 - XSS
CVSS 6.5
CVE-2024-50551 MEDIUM
Alessandro Staniscia EndomondoWP <0.1.1 - XSS
CVSS 6.5
CVE-2024-50549 MEDIUM
Bonway Static Block Editor <= 1.1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50548 MEDIUM
Awesome Progress Bar <= 1.0.13 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50547 MEDIUM
Themedy Toolbox <= 1.0.16 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50546 MEDIUM
Print Reach, Inc. MyOrderDesk <3.2.6 - XSS
CVSS 6.5
CVE-2024-50545 MEDIUM
DataMentor <= 1.7 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50543 MEDIUM
Amazing Team amazing neo icon font for elementor <2.0.1 - XSS
CVSS 6.5
CVE-2024-50542 MEDIUM
Zach Silberstein RLM Elementor Widgets Pack <1.3.1 - XSS
CVSS 6.5
CVE-2024-50541 MEDIUM
Enea Overclokk Advanced Control Manager - XSS
CVSS 6.5
CVE-2024-50540 MEDIUM
DemixPress (dp) AddThis <= 1.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50538 MEDIUM
Irfan Ardiansah Show Visitor IP Address - XSS
CVSS 6.5
CVE-2024-50537 MEDIUM
Stefano Marra Smart Mockups <1.2.0 - XSS
CVSS 6.5
CVE-2024-50536 MEDIUM
GDReseller <= 1.6 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50535 MEDIUM
Kyle M. Brown Step by Step <0.4.5 - XSS
CVSS 6.5
CVE-2024-50532 HIGH
Jerin K Alexander Events Manager Pro - XSS
CVSS 7.1
CVE-2024-50522 HIGH
Redy Ru WeChat Subscribers Lite <1.6.6 - XSS
CVSS 7.1
CVE-2024-50521 MEDIUM
Alley Elementor Widget <1.0.8 - XSS
CVSS 6.5
Details
Vulnerabilities 45,423
Exploit Likelihood High