CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,468 vulnerabilities with CWE-79
CVE-2024-44779
CRITICAL
vtiger CRM 7.4.0 - Reflected Cross-Site Scripting via Viewname Parameter
CVSS 9.6
CVE-2024-44778
CRITICAL
vtiger CRM 7.4.0 - Reflected Cross-Site Scripting via Parent Parameter
CVSS 9.6
CVE-2024-44777
CRITICAL
vtiger CRM 7.4.0 - Reflected Cross-Site Scripting via Tag Parameter
CVSS 9.6
CVE-2024-44717
MEDIUM
DedeBIZ 6.3.0 - Cross-Site Scripting
CVSS 6.1
CVE-2024-44716
MEDIUM
DedeBIZ 6.3.0 - Cross-Site Scripting
CVSS 6.1
CVE-2024-43964
MEDIUM
DSGVO All in one for WP < 4.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43963
HIGH
WaspThemes YellowPencil Visual CSS Style Editor <= 7.6.1 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43961
MEDIUM
azurecurve Toggle Show/Hide <= 2.1.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43960
MEDIUM
Web and WooCommerce Addons for WPBakery Builder <= 1.4.6 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-43958
HIGH
Gianni Porto IntoTheDark < 1.0.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43953
MEDIUM
Classic Addons - WPBakery Page Builder <= 3.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43952
MEDIUM
CryoutCreations Esotera <= 1.2.5.1 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43951
MEDIUM
CryoutCreations Tempera <= 1.8.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43950
HIGH
Nextbricks Bricksore < 1.4.2.5 - XSS
CVSS 7.1
CVE-2024-43949
MEDIUM
Automattic GHActivity <= 2.0.0-alpha - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43948
HIGH
Dinesh Karki WP Armour Extended <= 1.26 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43946
MEDIUM
SKT Blocks < 1.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43936
MEDIUM
WPDeveloper EmbedPress <= 4.0.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43935
MEDIUM
WP Delicious Delicious Recipes - WordPress Recipe Plugin <= 1.6.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43934
MEDIUM
Collapsing Archives <= 3.0.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43926
HIGH
Beaver Builder < 2.8.3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-45045
MEDIUM
Collabora Online < 24.04.6.2 - Cross-Site Scripting via URL-Encoded Link Values
CVSS 6.3
CVE-2024-44919
MEDIUM
SeaCMS 12.9 - Stored Cross-Site Scripting in admin_ads.php via Ad Description Parameter
CVSS 5.4
CVE-2024-1056
MEDIUM
FunnelKit Funnel Builder Pro <= 3.4.5 - Authenticated Stored XSS via 'allow_iframe_tag_in_post'
CVSS 6.4
CVE-2024-1384
MEDIUM
Averta Auxinportfolio < 2.3.3 - XSS
CVSS 6.4
Details
Vulnerabilities
45,468
Exploit Likelihood
High