CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,440 vulnerabilities with CWE-79
CVE-2024-10048 MEDIUM
Post Status Notifier Lite and Premium <= 1.11.6 - Unauthenticated Reflected Cross-Site Scripting via Page Parameter
CVSS 6.1
CVE-2024-10000 MEDIUM
Masteriyo LMS - WordPress <1.13.3 - XSS
CVSS 6.4
CVE-2024-10479 LOW
pb-cms < 2.0.1 - Cross-Site Scripting in Theme Management Module
CVSS 2.4
CVE-2024-10478 LOW
pb-cms < 2.0.1 - Cross-Site Scripting in Edit Article Handler
CVSS 2.4
CVE-2024-10477 LOW
pb-cms < 2.0.1 - Cross-Site Scripting in Permission Management Page
CVSS 2.4
CVE-2024-51509 MEDIUM
Tiki < 27.0 - Stored Cross-Site Scripting in Module Name
CVSS 4.8
CVE-2024-51508 MEDIUM
Tiki < 27.0 - Stored Cross-Site Scripting in External Wiki Index
CVSS 4.8
CVE-2024-51507 MEDIUM
Tiki < 27.0 - Stored Cross-Site Scripting in External Wiki Name
CVSS 4.8
CVE-2024-51506 MEDIUM
Tiki < 27.0 - Stored Cross-Site Scripting in Wiki Page Description
CVSS 4.8
CVE-2024-48195 MEDIUM
eyoucms 1.6.7 - Cross-Site Scripting via Post Parameter
CVSS 6.1
CVE-2024-5532 MEDIUM
OpenText Operations Agent 12.20-12.26 - Authenticated Stored Cross-Site Scripting in Internal Status Page
CVSS 4.8
CVE-2024-50437 MEDIUM
GeoDirectory <= 2.3.80 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50433 MEDIUM
Sky Addons for Elementor <= 2.5.15 - Cross-Site Scripting
CVSS 6.5
CVE-2024-50432 MEDIUM
PickPlugins Post Grid & Gutenberg Blocks <2.2.93 - XSS
CVSS 6.5
CVE-2024-50431 MEDIUM
Cloudways Breeze <= 2.1.14 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-50429 MEDIUM
WPBlockArt Magazine Blocks <1.3.15 - XSS
CVSS 6.5
CVE-2024-50469 MEDIUM
Team Bright Vessel Textboxes <0.1.3.1 - XSS
CVSS 6.5
CVE-2024-50468 MEDIUM
Raptor Editor <= 1.0.20 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-50467 MEDIUM
Scrollbar by webxapp < 1.3.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50464 MEDIUM
Pierre Lebedel Kodex Posts likes <2.5.0 - XSS
CVSS 6.5
CVE-2024-50462 MEDIUM
Fla-shop Interactive World Map <3.4.4 - XSS
CVSS 6.5
CVE-2024-50461 MEDIUM
WPDeveloper EmbedPress <= 4.0.14 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50460 MEDIUM
Firelight Lightbox <= 2.3.3 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-50458 MEDIUM
Advanced Sermons <= 3.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-50451 MEDIUM
Pluginus Meta Data And Taxonomies Filter < 1.3.3.5 - XSS
CVSS 6.5
Details
Vulnerabilities 45,440
Exploit Likelihood High