CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,430 vulnerabilities with CWE-79
CVE-2024-51663 MEDIUM
Bricksable for Bricks Builder <1.6.59 - XSS
CVSS 5.9
CVE-2024-51662 MEDIUM
Modernaweb Studio Black Widgets For Elementor <1.3.6 - XSS
CVSS 6.5
CVE-2024-51629 MEDIUM
MetricThemes Header Footer Composer for Elementor <1.0.5 - XSS
CVSS 6.5
CVE-2024-51628 MEDIUM
EzyOnlineBookings Online Booking System Widget <1.3 - XSS
CVSS 6.5
CVE-2024-51627 MEDIUM
Kaedinger Audio Comparison Lite <3.4 - XSS
CVSS 6.5
CVE-2024-51622 MEDIUM
WP Experts Team WP EASY RECIPE - XSS
CVSS 6.5
CVE-2024-51618 MEDIUM
DuoGeek Custom Admin Menu <1.0.0 - XSS
CVSS 6.5
CVE-2024-51616 MEDIUM
AwesomePress <= 1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51614 MEDIUM
Aajoda Testimonials <= 2.2.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51613 MEDIUM
TradeMe widgets <= 1.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51612 MEDIUM
Ken Charity Reftagger Shortcode <1.1 - XSS
CVSS 6.5
CVE-2024-51611 MEDIUM
WP Feature Box <= 0.1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-51706 HIGH
Upeksha Wisidagama UW Freelancer - XSS
CVSS 7.1
CVE-2024-51705 HIGH
WP MMenu Lite <= 1.0.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51704 HIGH
imPress <= 0.1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51703 HIGH
WP-Basics <= 2.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51702 HIGH
Benjamin Moody, Eric Holmes - WordPress SrcSet Responsive Images <1...
CVSS 7.1
CVE-2024-51701 HIGH
Mahesh Waghmare MG Post Contributors <1.3 - XSS
CVSS 7.1
CVE-2024-51699 HIGH
Buooy Sticky Header <= 0.5.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51698 HIGH
Master Bar <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51697 HIGH
Doofinder <= 0.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-51696 HIGH
Benjamin Moody Content Syndication Toolkit Reader <1.5 - XSS
CVSS 7.1
CVE-2024-51695 HIGH
Fabrica Synced Pattern Instances <1.0.9 - XSS
CVSS 7.1
CVE-2024-51694 HIGH
Digfish Geotagged Media <0.3.0 - XSS
CVSS 7.1
CVE-2024-51693 HIGH
laboratorio d'Avanguardia Search <0.2 - XSS
CVSS 7.1
Details
Vulnerabilities 45,430
Exploit Likelihood High