CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 42920 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-27440	2 Saadiqbal, Wordpress	2 Mycred, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.7.6.
CVE-2026-27360	2 10web, Wordpress	2 Photo Gallery, Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.38.
CVE-2026-25472	2 Themefusion, Wordpress	2 Fusion Builder, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Stored XSS.This issue affects Fusion Builder: from n/a through <= 3.14.1.
CVE-2026-25451	2 Bold-themes, Wordpress	2 Bold Page Builder, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through <= 5.6.9.
CVE-2026-24630	2 Design, Wordpress	2 Stylish Cost Calculator, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows Stored XSS.This issue affects Stylish Cost Calculator: from n/a through <= 8.2.5.
CVE-2026-24620	2 Pluginops, Wordpress	2 Landing Page Builder, Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Landing Page Builder page-builder-add allows Stored XSS.This issue affects Landing Page Builder: from n/a through <= 1.5.3.4.
CVE-2026-24614	1 Wordpress	1 Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devsbrain Flex QR Code Generator flex-qr-code-generator allows DOM-Based XSS.This issue affects Flex QR Code Generator: from n/a through <= 1.2.10.
CVE-2026-24555	2 Artplacer, Wordpress	2 Artplacer Widget, Wordpress	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Stored XSS.This issue affects ArtPlacer Widget: from n/a through <= 2.23.2.
CVE-2026-24550	1 Wordpress	1 Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through <= 1.2.19.
CVE-2026-22357	2 Spencer Haws, Wordpress	2 Link Whisper Free, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through <= 0.9.2.
CVE-2025-69051	1 Wordpress	1 Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Reflected XSS.This issue affects ListingPro Reviews: from n/a through < 2.9.11.
CVE-2025-69017	2 Magnigenie, Wordpress	2 Restropress, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnigenie RestroPress restropress allows Stored XSS.This issue affects RestroPress: from n/a through <= 3.2.8.4.
CVE-2025-68887	2 Cmsjunkie, Wordpress	2 J-businessdirectory, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through <= 4.0.1.
CVE-2025-68864	2 Infility, Wordpress	2 Infility Global, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global infility-global allows Stored XSS.This issue affects Infility Global: from n/a through <= 2.15.06.
CVE-2025-68852	2 Webmuehle, Wordpress	2 Court Reservation, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webmuehle Court Reservation court-reservation allows Reflected XSS.This issue affects Court Reservation: from n/a through <= 1.10.11.
CVE-2025-68605	2 Pickplugins, Wordpress	2 Post Grid, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23.
CVE-2025-68598	2 Livecomposer, Wordpress	2 Page Builder: Live Composer, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiveComposer Page Builder: Live Composer live-composer-page-builder allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through <= 2.1.11.
CVE-2025-68597	2 Blueglass, Wordpress	2 Jobs For Wordpress, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.8.1.
CVE-2025-68566	2 Wordpress, Wphocus	2 Wordpress, My Auctions Allegro	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through <= 3.6.35.
CVE-2025-68070	2 Vektor, Wordpress	2 Vk Google Job Posting Manager, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Google Job Posting Manager vk-google-job-posting-manager allows Stored XSS.This issue affects VK Google Job Posting Manager: from n/a through <= 1.2.22.

« first previous Page 164 of 2146. next last »