CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,450 vulnerabilities with CWE-79
CVE-2024-44025
MEDIUM
NiceJob < 3.6.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-44024
MEDIUM
NicheAddons Medical Addon <1.4 - XSS
CVSS 6.5
CVE-2024-44022
MEDIUM
Trustmary Review & testimonial widgets <= 1.0.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-44010
MEDIUM
Full frame <= 2.7.2 - Stored Cross-Site Scripting
CVSS 5.1
CVE-2024-47322
HIGH
Ex-Themes WP Timeline - Vertical & Horizontal <3.6.7 - XSS
CVSS 7.1
CVE-2024-47320
HIGH
WS Form LITE <= 1.9.238 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-47313
MEDIUM
Catch Base <= 3.4.6 - Stored Cross-Site Scripting
CVSS 5.1
CVE-2024-47310
MEDIUM
ARI Fancy Lightbox <= 1.3.17 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47307
MEDIUM
Essential Plugin Meta slider & carousel - XSS
CVSS 6.5
CVE-2024-47306
HIGH
Copy Content Protection <4.2.3 - XSS
CVSS 7.1
CVE-2024-47301
HIGH
Bit Form - Contact Form Plugin <2.13.10 - XSS
CVSS 7.1
CVE-2024-47300
HIGH
CubeWP Forms - All-in-One Form Builder <= 1.1.1 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-47299
MEDIUM
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd <= 6.17.4 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-47298
MEDIUM
BoldThemes Bold Page Builder <5.1.1 - XSS
CVSS 6.5
CVE-2024-47297
HIGH
CP Polls <= 1.0.74 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-45454
HIGH
Unlimited Elements For Elementor <1.5.121 - XSS
CVSS 7.1
CVE-2024-44046
MEDIUM
Themify - WooCommerce Product Filter <= 1.5.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-44045
MEDIUM
WP Abstracts <= 2.6.5 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-44043
MEDIUM
10Web Photo Gallery < 1.8.27 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-44042
MEDIUM
WP Datepicker <= 2.1.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-44041
MEDIUM
IdeaPush <= 8.66 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-47355
MEDIUM
Cozy Blocks <= 2.0.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47352
HIGH
Xylus Themes WP Bulk Delete <1.3.1 - XSS
CVSS 7.1
CVE-2024-47349
HIGH
WPMobile.App <= 11.50 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47348
HIGH
WaspThemes YellowPencil <7.6.4 - XSS
CVSS 7.1
Details
Vulnerabilities
45,450
Exploit Likelihood
High