Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 43031 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-27987 2 Givewp, Wordpress 3 Give, Givewp, Wordpress 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.3.1.
CVE-2024-27965 1 Getwpfunnels 1 Wpfunnels 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels WPFunnels wpfunnels.This issue affects WPFunnels: from n/a through <= 3.0.6.
CVE-2024-27193 1 Woocommerce 1 Payu India Payment Gateway 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU India PayU India payu-india allows DOM-Based XSS.This issue affects PayU India: from n/a through <= 3.8.8.
CVE-2024-27188 2 Cloudways, Wordpress 2 Breeze, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze.This issue affects Breeze: from n/a through <= 2.1.3.
CVE-2024-25599 2 Castos, Wordpress 2 Seriously Simple Podcasting, Wordpress 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through <= 3.0.2.
CVE-2024-24878 1 Webdados 1 Portugal Ctt Tracking For Woocommerce 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Almeida | Webdados Portugal CTT Tracking for WooCommerce portugal-ctt-tracking-woocommerce.This issue affects Portugal CTT Tracking for WooCommerce: from n/a through <= 2.1.
CVE-2024-24871 1 Creativethemes 1 Blocksy 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through <= 2.0.19.
CVE-2024-24831 1 Leap13 1 Premium Addons For Elementor 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.16.
CVE-2024-22307 1 Wplab 1 Wp-lister Lite For Ebay 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.5.7.
CVE-2024-22289 1 Cybernetikz 1 Post Views Stats 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberNetikz Post views Stats post-views-stats allows DOM-Based XSS.This issue affects Post views Stats: from n/a through <= 1.4.1.
CVE-2024-11402 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through <= 6.6.1.
CVE-2024-10676 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Conversion Helper conversion-helper allows Reflected XSS.This issue affects Conversion Helper: from n/a through <= 1.12.
CVE-2026-3528 2 Drupal, Joaopaulocdev 2 Calculation Fields, Calculation Fields 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Calculation Fields allows Cross-Site Scripting (XSS).This issue affects Calculation Fields: from 0.0.0 before 1.0.4.
CVE-2025-70033 2 Sunbird, Sunbird-ed 2 Sunbirded-portal, Sunbirded-portal 2026-04-01 5.4 Medium
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVE-2025-12551 1 Wordpress 1 Wordpress 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6.
CVE-2026-27440 2 Saadiqbal, Wordpress 2 Mycred, Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.7.6.
CVE-2026-27360 2 10web, Wordpress 2 Photo Gallery, Wordpress 2026-04-01 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.38.
CVE-2026-25472 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Stored XSS.This issue affects Fusion Builder: from n/a through <= 3.14.1.
CVE-2026-25451 2 Bold-themes, Wordpress 2 Bold Page Builder, Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through <= 5.6.9.
CVE-2026-24630 2 Design, Wordpress 2 Stylish Cost Calculator, Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows Stored XSS.This issue affects Stylish Cost Calculator: from n/a through <= 8.2.5.