CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,456 vulnerabilities with CWE-79
CVE-2024-47387 MEDIUM
LinkGraph Search Atlas SEO <1.8.2 - XSS
CVSS 5.9
CVE-2024-47386 HIGH
The Ultimate WordPress Toolkit - WP Extended <= 3.0.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47385 MEDIUM
WPDeveloper Essential Blocks <4.8.4 - XSS
CVSS 6.5
CVE-2024-47384 HIGH
WP Compress - All-In-One <6.20.13 - XSS
CVSS 7.1
CVE-2024-47383 MEDIUM
Webangon The Pack Elementor <2.0.8.8 - XSS
CVSS 5.9
CVE-2024-47382 MEDIUM
Page-list <= 5.6 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47381 MEDIUM
Averta Depicter Slider <3.2.2 - XSS
CVSS 5.9
CVE-2024-47380 HIGH
WP Lab WP-Lister Lite for eBay <3.6.3 - XSS
CVSS 7.1
CVE-2024-47379 HIGH
Web Directory Free <= 1.7.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47378 HIGH
WPCOM Member <= 1.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-47630 MEDIUM
ElementInvader Addons for Elementor <1.2.7 - XSS
CVSS 6.5
CVE-2024-47629 MEDIUM
BdThemes Ultimate Store Kit Elementor Addons <2.0.5 - XSS
CVSS 6.5
CVE-2024-47628 MEDIUM
LA-Studio Element Kit for Elementor <= 1.3.9.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47627 MEDIUM
WP Travel Gutenberg Blocks <3.6.0 - XSS
CVSS 6.5
CVE-2024-47626 MEDIUM
Rometheme RomethemeKit For Elementor <1.5.0 - XSS
CVSS 6.5
CVE-2024-47625 MEDIUM
ThemeLooks Enter Addons <2.1.8 - XSS
CVSS 6.5
CVE-2024-47647 MEDIUM
HelpieWP Accordion & FAQ <1.27 - XSS
CVSS 5.9
CVE-2024-47644 HIGH
Copyscape Premium <= 1.3.9 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2024-47643 MEDIUM
Include Fussball.De Widgets <4.0.0 - XSS
CVSS 6.5
CVE-2024-47642 MEDIUM
Keap Official Opt-in Forms <= 2.0.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47639 MEDIUM
VdoCipher <= 1.29 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47638 HIGH
vCita Online Booking & Scheduling Calendar for WordPress <4.4.6 - XSS
CVSS 7.1
CVE-2024-47633 MEDIUM
Zoho Forms <= 4.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-47632 MEDIUM
DethemeKit For Elementor <2.1.7 - XSS
CVSS 6.5
CVE-2024-47631 MEDIUM
bPlugins LLC Logo Carousel - Clients <1.2 - XSS
CVSS 6.5
Details
Vulnerabilities 45,456
Exploit Likelihood High