CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 43656 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-54024	1 Wordpress	1 Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts wpadverts allows DOM-Based XSS.This issue affects WPAdverts: from n/a through <= 2.2.5.
CVE-2025-54027	2 Schiocco, Wordpress	2 Support Board, Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through <= 3.8.0.
CVE-2025-54046	1 Wordpress	1 Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Stored XSS.This issue affects Cost Calculator: from n/a through <= 7.4.
CVE-2025-39372			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through <= 2.6.0.
CVE-2025-39382			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danielpataki ACF: Google Font Selector acf-google-font-selector-field allows Reflected XSS.This issue affects ACF: Google Font Selector: from n/a through <= 3.0.1.
CVE-2025-0595			2026-04-15	8.7 High
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2025-39397			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3.
CVE-2025-0827			2026-04-15	8.7 High
A stored Cross-site Scripting (XSS) vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2025-39407	1 Caseproof	1 Memberpress	2026-04-15	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caseproof, LLC Memberpress allows Reflected XSS.This issue affects Memberpress: from n/a before 1.12.0.
CVE-2025-39409			2026-04-15	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0.
CVE-2025-39420			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button wp-twitter-button allows Stored XSS.This issue affects WP Twitter Button: from n/a through <= 1.4.1.
CVE-2025-39432	1 Wordpress	1 Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antonchanning bbPress2 shortcode whitelist bbpress2-shortcode-whitelist allows Stored XSS.This issue affects bbPress2 shortcode whitelist: from n/a through <= 2.2.1.
CVE-2025-39444	1 Maxfoundry	1 Maxbuttons	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxfoundry MaxButtons maxbuttons allows Stored XSS.This issue affects MaxButtons: from n/a through <= 9.8.3.
CVE-2025-39464	1 Wordpress	1 Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites AdminQuickbar adminquickbar allows Reflected XSS.This issue affects AdminQuickbar: from n/a through <= 1.9.1.
CVE-2025-39478	1 Wordpress	1 Wordpress	2026-04-15	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartiolabs Smart Notification allows Reflected XSS. This issue affects Smart Notification: from n/a through 10.3.
CVE-2025-39497	2 Dokan, Wordpress	2 Dokan Pro Plugin, Wordpress	2026-04-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dokan Dokan Pro allows Stored XSS.This issue affects Dokan Pro: from n/a through 3.14.5.
CVE-2025-39502			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Hostel gdlr-hostel allows Reflected XSS.This issue affects Goodlayers Hostel: from n/a through <= 3.1.2.
CVE-2025-39514	1 Asgaros	1 Asgaros Forum	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum asgaros-forum allows Stored XSS.This issue affects Asgaros Forum: from n/a through <= 3.2.1.
CVE-2025-39515			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through <= 0.6.2.
CVE-2025-39539			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs WP Email Delivery wp-email-delivery allows Reflected XSS.This issue affects WP Email Delivery: from n/a through <= 1.20.11.23.

« first previous Page 242 of 2183. next last »