CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,456 vulnerabilities with CWE-79
CVE-2024-44042 MEDIUM
WP Datepicker <= 2.1.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-44041 MEDIUM
IdeaPush <= 8.66 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-47355 MEDIUM
Cozy Blocks <= 2.0.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47352 HIGH
Xylus Themes WP Bulk Delete <1.3.1 - XSS
CVSS 7.1
CVE-2024-47349 HIGH
WPMobile.App <= 11.50 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47348 HIGH
WaspThemes YellowPencil <7.6.4 - XSS
CVSS 7.1
CVE-2024-47347 HIGH
Chartify <= 2.7.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47346 HIGH
Tribulant Newsletters <4.9.9.1 - XSS
CVSS 7.1
CVE-2024-47345 MEDIUM
Brainstorm Force Starter Templates <4.4.0 - XSS
CVSS 5.9
CVE-2024-47343 MEDIUM
Kraftplugins Mega Elements <1.2.4 - XSS
CVSS 6.5
CVE-2024-47342 MEDIUM
PickPlugins Accordion <2.2.99 - XSS
CVSS 6.5
CVE-2024-47341 HIGH
WP-DownloadManager <= 1.68.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47340 MEDIUM
PickPlugins Post Grid & Gutenberg Blocks <2.2.89 - XSS
CVSS 6.5
CVE-2024-47339 HIGH
WP Mail Catcher <= 2.1.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47336 MEDIUM
Vladimir Statsenko Terms <3.4.6 - XSS
CVSS 5.9
CVE-2024-47333 HIGH
Loops & Logic <= 4.1.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47332 MEDIUM
Sky Addons for Elementor <= 2.5.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47329 MEDIUM
QuomodoSoft ElementsReady <6.4.0 - XSS
CVSS 6.5
CVE-2024-47327 HIGH
GEO my WordPress <= 4.5.0.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47326 HIGH
Share This Image <= 2.01 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47368 MEDIUM
Leap13 Premium Blocks - Gutenberg Blocks for WordPress <2.1.33 - XSS
CVSS 6.5
CVE-2024-47367 HIGH
YITH WooCommerce Product Add-Ons <4.13.0 - XSS
CVSS 7.1
CVE-2024-47366 MEDIUM
WPVibes Elementor Addon Elements <1.13.6 - XSS
CVSS 6.5
CVE-2024-47365 MEDIUM
Automatically Hierarchic Categories in Menu <= 2.0.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47364 MEDIUM
Move Addons for Elementor <1.3.4 - XSS
CVSS 6.5
Details
Vulnerabilities 45,456
Exploit Likelihood High