CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,445 vulnerabilities with CWE-79
CVE-2024-10192
LOW
PHPGurukul IFSC Code Finder Project 1.0 - XSS
CVSS 3.5
CVE-2024-10191
LOW
PHPGurukul Boat Booking System 1.0 - XSS
CVSS 3.5
CVE-2024-10155
LOW
PHPGurukul Boat Booking System 1.0 - XSS
CVSS 3.5
CVE-2024-10142
LOW
code-projects Blood Bank System 1.0 - Cross-Site Scripting in /viewrequest.php
CVSS 3.5
CVE-2024-9897
MEDIUM
StreamWeasels Twitch Integration <= 1.8.6 - Authenticated Stored Cross-Site Scripting via sw-twitch-embed Shortcode
CVSS 6.4
CVE-2024-9219
MEDIUM
Social Share Buttons < 1.19 - Unauthenticated Reflected Cross-Site Scripting via add_query_arg
CVSS 6.1
CVE-2024-9674
MEDIUM
Debrandify < 1.1.3 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 6.4
CVE-2024-43300
MEDIUM
Movie Database <1.0.11 - Stored XSS
CVSS 5.9
CVE-2024-9425
MEDIUM
Advanced Category and Custom Taxonomy Image <= 1.0.9 - Stored XSS via ad_tax_image Shortcode
CVSS 6.4
CVE-2024-49241
MEDIUM
tady Tito tito <= 2.3 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49240
HIGH
AB Categories Search Widget <= 0.2.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49239
HIGH
Add Categories Post Footer < 2.2.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49238
HIGH
ADIF Log Search Widget <= 1.0f - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49236
MEDIUM
Crazy Call To Action Box <= 1.0.5 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49234
MEDIUM
Plexx Elementor Extension <= 1.3.6 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49233
MEDIUM
MadrasThemes MAS Elementor <= 1.1.6 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49232
MEDIUM
El mejor Cluster <= 1.1.15 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-49231
MEDIUM
WordPress Video < 1.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49230
MEDIUM
Ajax Custom CSS/JS <= 2.0.4 - Reflected Cross-Site Scripting
CVSS 6.5
CVE-2024-49228
MEDIUM
bVerse Convert <= 1.3.7.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49225
MEDIUM
wpPricing Builder <= 1.5.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49224
HIGH
Mitm Bug Tracker <= 1.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-10057
MEDIUM
WordPress RSS Feed Widget <2.9.9 - XSS
CVSS 6.4
CVE-2024-47486
MEDIUM
HikCentral Master Lite < 2.3.0 - Stored Cross-Site Scripting
CVSS 6.1
CVE-2024-10080
MEDIUM
WP Easy Post Types <= 1.4.4 - Authenticated Stored Cross-Site Scripting via Post Meta
CVSS 6.4
Details
Vulnerabilities
45,445
Exploit Likelihood
High