CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,435 vulnerabilities with CWE-79
CVE-2024-49639 HIGH
Edward Stoever Monitor.Chat <1.1.1. - XSS
CVSS 7.1
CVE-2024-49638 HIGH
Ali Azlan Risk Warning Bar <1.0 - XSS
CVSS 7.1
CVE-2024-49637 HIGH
Foxskav Bet WC 2018 Russia < 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49636 HIGH
Prashant Mavinkurve Agile Video Player Lite - XSS
CVSS 7.1
CVE-2024-49635 HIGH
Manzurul Haque Banner Slider <2.1 - XSS
CVSS 7.1
CVE-2024-10461 MEDIUM
Firefox < 132 and ESR < 128.4 - Cross-Site Scripting via Multipart/x-mixed-replace Response
CVSS 6.1
CVE-2024-49667 MEDIUM
NervyThemes Local Business Addons For Elementor <1.1.5 - XSS
CVSS 6.5
CVE-2024-49665 MEDIUM
Web Bricks Addons for Elementor <1.1.1 - XSS
CVSS 6.5
CVE-2024-49664 HIGH
chatplusjp <= 1.02 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49663 HIGH
Elena Zhyvohliad uCAT - Next Story <2.0.0 - XSS
CVSS 7.1
CVE-2024-49662 HIGH
Webgensis Simple Load More <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49661 HIGH
leenk.me <= 2.16.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49660 HIGH
Campus Explorer Widget <= 1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49659 MEDIUM
Coub < 1.4 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49656 HIGH
DocumentPress <= 2.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49654 HIGH
Marian Heddesheimer Extra Privacy for Elementor <0.1.3 - XSS
CVSS 7.1
CVE-2024-49651 HIGH
WooCommerce Maintenance Mode <2.0.1 - XSS
CVSS 7.1
CVE-2024-49650 HIGH
BuddyPress Greeting Message <= 1.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49648 HIGH
rafasashi SVG Captcha <1.0.11 - XSS
CVSS 7.1
CVE-2024-49647 HIGH
Carl Alberto Simple Custom Admin <1.2 - XSS
CVSS 7.1
CVE-2024-49646 HIGH
ioannup Code Generate <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-10181 MEDIUM
Newsletters plugin for WordPress <4.9.9.4 - XSS
CVSS 6.4
CVE-2024-50410 MEDIUM
Namaste! LMS <= 2.6.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50409 MEDIUM
Namaste! LMS <= 2.6.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50407 HIGH
Namaste! LMS <= 2.6.2 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,435
Exploit Likelihood High