CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,456 vulnerabilities with CWE-79
CVE-2024-47363 MEDIUM
Blockspare <= 3.2.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47360 HIGH
Booking Algorithms BA Book Everything <1.6.20 - XSS
CVSS 7.1
CVE-2024-47357 MEDIUM
Leevio Happy Addons for Elementor <3.12.0 - XSS
CVSS 6.5
CVE-2024-47356 MEDIUM
catchthemes Create <= 2.9.1 - Stored Cross-Site Scripting
CVSS 5.1
CVE-2024-47377 MEDIUM
ThemeKraft BuddyForms <2.8.12 - XSS
CVSS 5.9
CVE-2024-47376 MEDIUM
Tribulant Slideshow Gallery <1.8.3 - XSS
CVSS 5.9
CVE-2024-47375 MEDIUM
Ashraf XLTab - Accordions and Tabs for Elementor Page Builder <1.3 ...
CVSS 6.5
CVE-2024-47374 HIGH
LiteSpeed Cache <= 6.5.0.2 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-47373 MEDIUM
LiteSpeed Cache <= 6.5.0.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47372 MEDIUM
TNC PDF viewer < 3.1.0 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-47371 MEDIUM
Walter Pinem WP MyLinks <1.0.6 - XSS
CVSS 5.9
CVE-2024-47370 MEDIUM
Author Avatars List/Block <2.1.21 - XSS
CVSS 6.5
CVE-2024-47369 HIGH
WPWeb Social Auto Poster <5.3.15 - XSS
CVSS 7.1
CVE-2024-47624 HIGH
BannerSky BSK Forms Blacklist <3.8.1 - XSS
CVSS 7.1
CVE-2024-47623 MEDIUM
GhozyLab, Inc. Gallery Lightbox <1.0.0.39 - XSS
CVSS 5.9
CVE-2024-47622 MEDIUM
ILLID Advanced Woo Labels <2.01 - XSS
CVSS 6.5
CVE-2024-47621 MEDIUM
Zotpress <= 7.3.10 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47395 HIGH
Robokassa payment gateway for Woocommerce <= 1.6.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47394 HIGH
JobSearch <= 2.5.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47393 MEDIUM
Quill Forms <= 3.7.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47392 MEDIUM
bdthemes Element Pack Elementor Addons <= 5.7.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47391 MEDIUM
BoldThemes Bold Page Builder <5.1.1 - XSS
CVSS 6.5
CVE-2024-47390 MEDIUM
Jegtheme Jeg Elementor Kit <2.6.8 - XSS
CVSS 6.5
CVE-2024-47389 HIGH
Basix NEX-Forms - Ultimate Form Builder <8.7.3 - XSS
CVSS 7.1
CVE-2024-47388 HIGH
SliceWP <= 1.1.18 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,456
Exploit Likelihood High