CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,468 vulnerabilities with CWE-79
CVE-2024-6575
MEDIUM
The Plus Addons for Elementor - WooCommerce <5.6.2 - XSS
CVSS 6.4
CVE-2024-5763
MEDIUM
The Plus Addons for Elementor < 5.6.3 - Authenticated Stored Cross-Site Scripting via Video Widget Date Attribute
CVSS 6.4
CVE-2024-7948
LOW
SourceCodester Accounts Manager App 1.0 - Cross-Site Scripting via Update Account Page
CVSS 3.5
CVE-2024-7945
LOW
Laravel Property Management System 1.0 - Cross-Site Scripting in Notes Page
CVSS 3.5
CVE-2024-7942
LOW
SourceCodester Leads Manager Tool 1.0 - Cross-Site Scripting via Phone Number Parameter
CVSS 3.5
CVE-2024-7929
MEDIUM
SourceCodester Simple Forum Website 1.0 - Cross-Site Scripting via Registration Username Parameter
CVSS 5.3
CVE-2024-43317
MEDIUM
Metagauss RegistrationMagic <6.0.1.0 - XSS
CVSS 4.3
CVE-2024-23729
MEDIUM
ColorOS Internet Browser 45.10.3.4.1 - Remote Code Execution via RealBrowserActivity Component
CVSS 6.1
CVE-2024-43400
CRITICAL
XWiki < 14.10.21 - Stored Cross-Site Scripting via Crafted URL
CVSS 9.0
CVE-2024-25582
MEDIUM
OX App Suite < 7.10.6-rev42 - Cross-Site Scripting via Savepoint Module
CVSS 5.4
CVE-2024-6843
MEDIUM
Chatbot with ChatGPT WP <2.4.5 - XSS
CVSS 6.1
CVE-2024-7916
LOW
life_insurance_management_system 1.0 - Cross-Site Scripting via Add Nominee Page Nominee-Client ID Parameter
CVSS 3.5
CVE-2024-7914
LOW
Yoga Class Registration System 1.0 - Cross-Site Scripting via SystemSettings.php Address Parameter
CVSS 3.5
CVE-2024-43294
MEDIUM
Bold Timeline Lite < 1.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43292
MEDIUM
EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce <1....
CVSS 5.9
CVE-2024-43291
MEDIUM
Void Contact Form 7 Widget For Elementor Page Builder <2.4.1 - XSS
CVSS 5.9
CVE-2024-43284
MEDIUM
WP Travel Gutenberg Blocks <3.5.1 - XSS
CVSS 6.5
CVE-2024-43279
HIGH
Tribulant Newsletters < 4.9.8 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43278
MEDIUM
Phi Phan Meta Field Block <1.2.13 - XSS
CVSS 6.5
CVE-2024-43267
MEDIUM
Mega Addons For Elementor <1.9 - XSS
CVSS 6.5
CVE-2024-43263
MEDIUM
Visual Composer Starter < 3.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43262
MEDIUM
Busiprof <= 2.4.8 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43246
HIGH
WHMpress < 6.2-revision-5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43244
HIGH
Houzez < 3.2.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43241
HIGH
Ultimate Membership Pro <12.6 - XSS
CVSS 7.1
Details
Vulnerabilities
45,468
Exploit Likelihood
High