CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,468 vulnerabilities with CWE-79
CVE-2024-43304 HIGH
Cool Plugins Cryptocurrency Widgets - XSS
CVSS 7.1
CVE-2024-43303 HIGH
Videousermanuals.Com White Label CMS <2.7.4 - XSS
CVSS 7.1
CVE-2024-43321 MEDIUM
PickPlugins Team Showcase <1.22.23 - XSS
CVSS 6.5
CVE-2024-43320 MEDIUM
Livemesh Addons for WPBakery Page Builder <3.9 - XSS
CVSS 6.5
CVE-2024-43318 MEDIUM
E2Pdf e2pdf <= 1.25.05 - Cross-Site Scripting
CVSS 6.5
CVE-2024-43313 HIGH
FormFacade <= 1.3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43309 MEDIUM
WP Socio WP Telegram Widget & Join Link <2.1.27 - XSS
CVSS 6.5
CVE-2024-43308 MEDIUM
Gutentor < 3.3.5 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43307 MEDIUM
Structured Content <= 1.6.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43306 MEDIUM
WP-Lister Lite for eBay <3.6.0 - XSS
CVSS 6.5
CVE-2024-43305 MEDIUM
Custom Layouts - Post + Product grids made easy <= 1.4.11 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43352 MEDIUM
Organic Themes GivingPress Lite <1.8.6 - XSS
CVSS 6.5
CVE-2024-43351 MEDIUM
CryoutCreations Bravada <1.1.2 - XSS
CVSS 6.5
CVE-2024-43349 MEDIUM
AREOI All Bootstrap Blocks <1.3.19 - XSS
CVSS 6.5
CVE-2024-43348 HIGH
Purity Of Soul <= 1.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43347 MEDIUM
VirusTran Button contact VR <4.7.3 - XSS
CVSS 5.9
CVE-2024-43346 MEDIUM
Wow-Company Modal Window < 6.0.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43344 MEDIUM
Icegram < 3.1.25 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43342 MEDIUM
BdThemes Ultimate Store Kit Elementor Addons < 1.6.4 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43335 MEDIUM
CyberChimps Responsive Blocks - WordPress Gutenberg Blocks <1.8.9 -...
CVSS 6.5
CVE-2024-43330 HIGH
PowerPack for Beaver Builder <2.37.4 - XSS
CVSS 7.1
CVE-2024-43329 MEDIUM
Allegiant < 1.2.7 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43327 HIGH
Boone Gorges Invite Anyone <1.4.7 - XSS
CVSS 7.1
CVE-2024-43324 MEDIUM
Clever Addons for Elementor <2.2.0 - XSS
CVSS 5.9
CVE-2024-43276 HIGH
Child Theme Creator <= 1.5.4 - Reflected Cross-Site Scripting
CVSS 7.1
Details
Vulnerabilities 45,468
Exploit Likelihood High