CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,472 vulnerabilities with CWE-79
CVE-2024-43124 MEDIUM
Iqonic Design Graphina <1.8.10 - XSS
CVSS 6.5
CVE-2024-43123 MEDIUM
Techeshta Card Elements for Elementor <1.2.2 - XSS
CVSS 6.5
CVE-2024-35775 MEDIUM
Slider by Soliloquy <= 2.7.6 - Cross-Site Scripting
CVSS 5.9
CVE-2024-7590 MEDIUM
Spectra <= 2.14.1 - DOM-Based Cross-Site Scripting
CVSS 6.5
CVE-2024-43226 MEDIUM
Jeroen Sormani WP Dashboard Notes <1.0.11 - XSS
CVSS 6.5
CVE-2024-43225 MEDIUM
ThemeLooks Enter Addons <2.1.7 - XSS
CVSS 6.5
CVE-2024-43224 MEDIUM
YaMaps for WordPress <= 0.6.27 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43220 HIGH
Form Maker by 10Web < 1.15.26 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43218 MEDIUM
Mediavine Control Panel <2.10.4 - XSS
CVSS 6.5
CVE-2024-43217 HIGH
Kodex Posts likes <= 2.5.0 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43216 MEDIUM
Filr - Secure document library <= 1.2.4 - Cross-Site Scripting
CVSS 6.5
CVE-2024-43213 HIGH
MultiVendorX WC Marketplace <4.1.17 - XSS
CVSS 7.1
CVE-2024-43210 MEDIUM
LA-Studio Element Kit for Elementor <= 1.3.9.2 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43164 MEDIUM
Blockspare < 3.2.0 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43163 HIGH
ParcelPanel < 4.3.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-43161 MEDIUM
Averta Depicter Slider <3.1.2 - XSS
CVSS 5.9
CVE-2024-43156 HIGH
AddonMaster Post Grid Master <3.4.10 - XSS
CVSS 7.1
CVE-2024-43155 MEDIUM
PickPlugins ComboBlocks <2.2.86 - XSS
CVSS 6.5
CVE-2024-43152 MEDIUM
3D FlipBook - PDF Flipbook Viewer, Flipbook Image Gallery <= 1.15.6 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-43151 MEDIUM
Brainstorm Force Ultimate Addons <1.5.9 - XSS
CVSS 6.5
CVE-2024-43359 NONE
ZoneMinder < 1.36.34 - Cross-Site Scripting via Montagereview Parameters
CVE-2024-43358 MEDIUM
ZoneMinder < 1.36.34 - Cross-Site Scripting via Filter View Id Parameter
CVSS 6.1
CVE-2024-43233 HIGH
BannerSky BSK Forms Blacklist <3.8 - XSS
CVSS 7.1
CVE-2024-43231 MEDIUM
Themeum Tutor LMS <= 2.7.3 - Stored Cross-Site Scripting
CVSS 6.5
CVE-2024-43227 MEDIUM
WPDeveloper BetterDocs <3.5.8 - XSS
CVSS 6.5
Details
Vulnerabilities 45,472
Exploit Likelihood High