CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,430 vulnerabilities with CWE-79
CVE-2024-50990 MEDIUM
PHPGurukul Online Marriage Registration System 1.0 - Reflected Cross-Site Scripting via searchdata Parameter
CVSS 6.1
CVE-2024-11070 LOW
PublicCMS 5.202406.d - Cross-Site Scripting in Tag Type Handler via Name Argument
CVSS 3.5
CVE-2024-43437 MEDIUM
moodle <4.1.12 and 4.4.0-4.4.2 - Stored Cross-Site Scripting via Malicious Backup File Restore
CVSS 5.4
CVE-2024-11021 MEDIUM
Vice Webopac 6-6.5.1 - Stored Cross-Site Scripting
CVSS 5.4
CVE-2024-52355 MEDIUM
Hyumika OSM - Cross-Site Scripting
CVSS 6.5
CVE-2024-52354 MEDIUM
Cool Plugins Web Stories Widgets For Elementor - XSS
CVSS 6.5
CVE-2024-52353 MEDIUM
Christian Science Bible Lesson Subjects <2.0 - XSS
CVSS 6.5
CVE-2024-52352 MEDIUM
Postcasa Shortcode <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-52351 MEDIUM
BU Slideshow < 2.3.10 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-52350 MEDIUM
CRM 2go <= 1.0 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-11019 MEDIUM
Vice Webopac 6-6.5.1 - Unauthenticated Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-52358 MEDIUM
Cyberchimps Responsive Addons for Elementor <1.5.4 - XSS
CVSS 6.5
CVE-2024-52357 MEDIUM
lqd LIQUID BLOCKS <= 1.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-52356 MEDIUM
Webangon The Pack Elementor <2.1.0 - XSS
CVSS 6.5
CVE-2024-51575 MEDIUM
Abdullah Extender All In One For Elementor <1.0.4 - XSS
CVSS 6.5
CVE-2024-51574 MEDIUM
Simple Goods <= 0.1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51573 MEDIUM
ML Responsive Audio player with playlist Shortcode <0.2 - XSS
CVSS 6.5
CVE-2024-51572 MEDIUM
LH QR Codes <= 1.06 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51571 MEDIUM
MasterBip para Elementor <1.6.3 - XSS
CVSS 6.5
CVE-2024-10265 MEDIUM
Form Maker by 10Web - WordPress <1.15.30 - XSS
CVSS 6.1
CVE-2024-51576 MEDIUM
WPZA AMP Img Shortcode <1.0.1 - XSS
CVSS 6.5
CVE-2024-51578 MEDIUM
Luca Paggetti 3D Presentation - XSS
CVSS 6.5
CVE-2024-51577 MEDIUM
Camunda Services GmbH bpmn.Io - XSS
CVSS 6.5
CVE-2024-51584 MEDIUM
Anas Edreesi Marquee Elementor <1.2.0 - XSS
CVSS 6.5
CVE-2024-51583 MEDIUM
KentoThemes Kento Ads Rotator - XSS
CVSS 6.5
Details
Vulnerabilities 45,430
Exploit Likelihood High