Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 40867 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-58248 2 Codefish, Wordpress 2 Pinterest Pinboard Widget, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codefish Pinterest Pinboard Widget allows Stored XSS. This issue affects Pinterest Pinboard Widget: from n/a through 1.0.7.
CVE-2025-58245 2 Bestweblayout, Wordpress 2 Portfolio, Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bestweblayout Portfolio allows DOM-Based XSS. This issue affects Portfolio : from n/a through 2.58.
CVE-2025-58242 2 Vadim Bogaiskov, Wordpress 2 Bg Church Memos, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vadim Bogaiskov Bg Church Memos allows DOM-Based XSS. This issue affects Bg Church Memos: from n/a through 1.1.
CVE-2025-58241 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in snapwidget SnapWidget Social Photo Feed Widget allows DOM-Based XSS. This issue affects SnapWidget Social Photo Feed Widget: from n/a through 1.1.0.
CVE-2025-58240 2 Wordpress, Xiligroup 2 Wordpress, Xili-tidy-tags 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags allows Stored XSS. This issue affects xili-tidy-tags: from n/a through 1.12.06.
CVE-2025-58239 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandrika Sista WP Category Dropdown allows Stored XSS. This issue affects WP Category Dropdown: from n/a through 1.9.
CVE-2025-58238 2 Ontraport, Wordpress 2 Pilotpress, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ONTRAPORT PilotPress allows Stored XSS. This issue affects PilotPress: from n/a through 2.0.35.
CVE-2025-58237 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Niaj Morshed LC Wizard allows Stored XSS. This issue affects LC Wizard: from n/a through 1.3.0.
CVE-2025-58235 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Front End Users allows Stored XSS. This issue affects Front End Users: from n/a through 3.2.33.
CVE-2025-58234 2 Joomsky, Wordpress 2 Js Job Manager, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Job Manager allows Stored XSS. This issue affects JS Job Manager: from n/a through 2.0.2.
CVE-2025-58233 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Guaven Labs SQL Chart Builder allows DOM-Based XSS. This issue affects SQL Chart Builder: from n/a through 2.3.7.2.
CVE-2025-58232 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ickata Image Editor by Pixo allows DOM-Based XSS. This issue affects Image Editor by Pixo: from n/a through 2.3.8.
CVE-2025-58231 2 Bitly, Wordpress 2 Bitly, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitlydeveloper Bitly allows Stored XSS. This issue affects Bitly: from n/a through 2.7.4.
CVE-2025-58230 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes ZoloBlocks allows DOM-Based XSS. This issue affects ZoloBlocks: from n/a through 2.3.9.
CVE-2025-58220 2 Techeshta, Wordpress 2 Card Elements For Wpbakery, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Techeshta Card Elements for WPBakery allows DOM-Based XSS. This issue affects Card Elements for WPBakery: from n/a through 1.0.8.
CVE-2025-58033 1 Wordpress 1 Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leeshadle Draft allows Stored XSS. This issue affects Draft: from n/a through 3.0.9.
CVE-2025-58031 2 Nextendweb, Wordpress 2 Nextend Facebook Connect, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nextendweb Nextend Facebook Connect allows Stored XSS. This issue affects Nextend Facebook Connect : from n/a through 3.1.19.
CVE-2025-58271 1 Wordpress 1 Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AnyClip Video Platform AnyClip Luminous Studio allows Stored XSS. This issue affects AnyClip Luminous Studio: from n/a through 1.3.3.
CVE-2025-58646 1 Wordpress 1 Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chtombleson Mobi2Go allows Stored XSS. This issue affects Mobi2Go: from n/a through 1.0.0.
CVE-2025-58684 2 Themepoints, Wordpress 2 Logo Showcase, Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase allows Stored XSS. This issue affects Logo Showcase: from n/a through 3.0.9.