CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,445 vulnerabilities with CWE-79
CVE-2024-49276 HIGH
Themis Solutions, Inc. Clio Grow <1.0.2 - XSS
CVSS 7.1
CVE-2024-49264 MEDIUM
Events Addon for Elementor <= 2.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49263 MEDIUM
Takashi Matsuyama My Favorites <1.4.1 - XSS
CVSS 6.5
CVE-2024-49262 MEDIUM
wepic Country Flags for Elementor <1.0.2 - XSS
CVSS 6.5
CVE-2024-49261 MEDIUM
LOOS,Inc. Arkhe Blocks <2.23.0 - XSS
CVSS 6.5
CVE-2024-49259 MEDIUM
Primary Addon for Elementor <= 1.5.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49255 MEDIUM
Daniele Alessandra Da Reactions <5.1.5 - XSS
CVSS 6.5
CVE-2024-49248 HIGH
Igor Funa Ad Inserter <2.7.37 - XSS
CVSS 7.1
CVE-2024-49319 MEDIUM
Awesome Contact Form7 for Elementor <3.0 - XSS
CVSS 6.5
CVE-2024-49316 HIGH
zodiac Akismet htaccess writer <1.0.1 - XSS
CVSS 7.1
CVE-2024-49311 MEDIUM
Edwiser Bridge <= 3.0.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49310 MEDIUM
Themesflat Addons for Elementor <= 2.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49309 HIGH
Digitally <= 1.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-49308 HIGH
Toast Plugins Animator <3.0.11 - XSS
CVSS 7.1
CVE-2024-49307 MEDIUM
Admin Management Xtended <2.4.6 - XSS
CVSS 6.5
CVE-2024-49302 MEDIUM
Portfoliohub WordPress Portfolio Builder - Portfolio Gallery <1.1.7...
CVSS 6.5
CVE-2024-49301 MEDIUM
Sinan Yorulmaz G Meta Keywords <1.4 - XSS
CVSS 6.5
CVE-2024-49298 MEDIUM
PeproDev Ultimate Invoice <2.0.6 - XSS
CVSS 6.5
CVE-2024-49296 MEDIUM
Coder426 Custom Add to Cart Button Label and Link <1.6.1 - XSS
CVSS 6.5
CVE-2024-49295 MEDIUM
PressTigers Simple Testimonials Showcase <1.1.6 - XSS
CVSS 5.9
CVE-2024-49292 MEDIUM
Exclusive Addons for Elementor <= 2.7.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-49289 MEDIUM
Gora Tech LLC Cooked Pro <1.8.0 - XSS
CVSS 6.5
CVE-2024-10101 MEDIUM
binary-husky/gpt_academic <3.83 - XSS
CVSS 5.4
CVE-2024-10099 MEDIUM
comfyanonymous/comfyui <0.2.2 - XSS
CVSS 6.1
CVE-2024-49229 HIGH
Better Author Bio <= 2.7.10.11 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,445
Exploit Likelihood High