Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 43787 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-53336 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in abditsori My Resume Builder my-resume-builder allows Stored XSS.This issue affects My Resume Builder: from n/a through <= 1.0.3.
CVE-2025-53330 2 Wordpress, Wpestate 2 Wordpress, Wp Rentals 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals wprentals allows Stored XSS.This issue affects WP Rentals: from n/a through <= 3.16.1.
CVE-2025-53325 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dilip kumar Beauty Contact Popup Form beauty-contact-popup-form allows Stored XSS.This issue affects Beauty Contact Popup Form: from n/a through <= 6.0.
CVE-2025-53324 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify gutenify allows Stored XSS.This issue affects Gutenify: from n/a through <= 1.5.7.
CVE-2025-53321 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through <= 5.2.
CVE-2025-53320 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wp Enhanced Free Downloads EDD free-downloads-edd allows DOM-Based XSS.This issue affects Free Downloads EDD: from n/a through <= 1.0.4.
CVE-2025-53307 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder WordPress Assistant assistant allows Reflected XSS.This issue affects WordPress Assistant: from n/a through <= 1.5.2.
CVE-2025-53301 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Junkie Theme Junkie Team Content theme-junkie-team-content allows DOM-Based XSS.This issue affects Theme Junkie Team Content: from n/a through <= 0.1.1.
CVE-2025-53300 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr Podcast Feed Player Widget and Shortcode podcast-feed-player-widget allows Stored XSS.This issue affects Podcast Feed Player Widget and Shortcode: from n/a through <= 2.2.0.
CVE-2025-53296 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ecoal95 EC Stars Rating ec-stars-rating allows Stored XSS.This issue affects EC Stars Rating: from n/a through <= 1.0.11.
CVE-2025-53294 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.9.
CVE-2025-53292 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk WP DataTable wp-datatable allows DOM-Based XSS.This issue affects WP DataTable: from n/a through <= 0.2.7.
CVE-2025-53290 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anonymized-15272943 WP Visual Sitemap wp-visual-sitemap allows Stored XSS.This issue affects WP Visual Sitemap: from n/a through <= 1.0.2.
CVE-2025-53289 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Theme Blvd Widget Areas theme-blvd-widget-areas allows Reflected XSS.This issue affects Theme Blvd Widget Areas: from n/a through <= 1.3.0.
CVE-2025-53287 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Cummings Quick Favicon quick-favicon allows Stored XSS.This issue affects Quick Favicon: from n/a through <= 0.22.8.
CVE-2025-53286 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhainey Milevis Dropify wc-dropi-integration allows Reflected XSS.This issue affects Dropify: from n/a through <= 4.7.2.
CVE-2025-53285 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Website Flip Add &amp; Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add &amp; Replace Affiliate Links for Amazon: from n/a through <= 1.0.6.
CVE-2025-53282 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Thumbnail Editor thumbnail-editor allows Stored XSS.This issue affects Thumbnail Editor: from n/a through <= 2.3.3.
CVE-2025-53280 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through <= 2.12.5.
CVE-2025-53279 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through <= 3.4.