Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 43776 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-53426 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Likert Survey Master likert-survey-master allows Reflected XSS.This issue affects Likert Survey Master: from n/a through <= 0.8.0.1.
CVE-2025-53349 2 Laborator, Wordpress 2 Kalium, Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through <= 3.18.3.
CVE-2025-53342 2 Goodlayers, Wordpress 2 Modernize, Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize modernize allows Stored XSS.This issue affects Modernize: from n/a through <= 3.4.0.
CVE-2025-53336 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in abditsori My Resume Builder my-resume-builder allows Stored XSS.This issue affects My Resume Builder: from n/a through <= 1.0.3.
CVE-2025-53330 2 Wordpress, Wpestate 2 Wordpress, Wp Rentals 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals wprentals allows Stored XSS.This issue affects WP Rentals: from n/a through <= 3.16.1.
CVE-2025-53325 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dilip kumar Beauty Contact Popup Form beauty-contact-popup-form allows Stored XSS.This issue affects Beauty Contact Popup Form: from n/a through <= 6.0.
CVE-2025-53324 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify gutenify allows Stored XSS.This issue affects Gutenify: from n/a through <= 1.5.7.
CVE-2025-53321 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through <= 5.2.
CVE-2025-53320 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wp Enhanced Free Downloads EDD free-downloads-edd allows DOM-Based XSS.This issue affects Free Downloads EDD: from n/a through <= 1.0.4.
CVE-2025-53307 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder WordPress Assistant assistant allows Reflected XSS.This issue affects WordPress Assistant: from n/a through <= 1.5.2.
CVE-2025-53301 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Junkie Theme Junkie Team Content theme-junkie-team-content allows DOM-Based XSS.This issue affects Theme Junkie Team Content: from n/a through <= 0.1.1.
CVE-2025-53300 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr Podcast Feed Player Widget and Shortcode podcast-feed-player-widget allows Stored XSS.This issue affects Podcast Feed Player Widget and Shortcode: from n/a through <= 2.2.0.
CVE-2025-53296 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ecoal95 EC Stars Rating ec-stars-rating allows Stored XSS.This issue affects EC Stars Rating: from n/a through <= 1.0.11.
CVE-2025-53294 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.9.
CVE-2025-53292 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk WP DataTable wp-datatable allows DOM-Based XSS.This issue affects WP DataTable: from n/a through <= 0.2.7.
CVE-2025-53290 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anonymized-15272943 WP Visual Sitemap wp-visual-sitemap allows Stored XSS.This issue affects WP Visual Sitemap: from n/a through <= 1.0.2.
CVE-2025-53289 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Theme Blvd Widget Areas theme-blvd-widget-areas allows Reflected XSS.This issue affects Theme Blvd Widget Areas: from n/a through <= 1.3.0.
CVE-2025-53287 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Cummings Quick Favicon quick-favicon allows Stored XSS.This issue affects Quick Favicon: from n/a through <= 0.22.8.
CVE-2025-53286 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhainey Milevis Dropify wc-dropi-integration allows Reflected XSS.This issue affects Dropify: from n/a through <= 4.7.2.
CVE-2025-53285 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Website Flip Add &amp; Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add &amp; Replace Affiliate Links for Amazon: from n/a through <= 1.0.6.