Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 40036 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-62907 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Custom Post Type Attachment custom-post-type-pdf-attachment allows Stored XSS.This issue affects Custom Post Type Attachment: from n/a through <= 3.4.6.
CVE-2025-62905 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Query Posts query-posts allows Stored XSS.This issue affects Query Posts: from n/a through <= 0.3.2.
CVE-2025-62904 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson WP Geo wp-geo allows Stored XSS.This issue affects WP Geo: from n/a through <= 3.5.1.
CVE-2025-62903 2 Wordpress, Wpclever 2 Wordpress, Wpc Smart Messages For Woocommerce 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPClever WPC Smart Messages for WooCommerce wpc-smart-messages allows Stored XSS.This issue affects WPC Smart Messages for WooCommerce: from n/a through <= 4.2.4.
CVE-2025-62900 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WeblineIndia Popular Posts by Webline popular-posts-by-webline allows Stored XSS.This issue affects Popular Posts by Webline: from n/a through <= 1.1.1.
CVE-2025-62899 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through <= 2.2.0.
CVE-2025-62898 2 Maarten, Wordpress 2 Links Shortcode, Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maarten Links shortcode links-shortcode allows Stored XSS.This issue affects Links shortcode: from n/a through <= 1.8.3.
CVE-2025-62894 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through <= 5.9.3.
CVE-2025-62887 3 Elementor, Kingaddons, Wordpress 3 Elementor, King Addons For Elementor, Wordpress 2025-11-13 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KingAddons.com King Addons for Elementor king-addons allows DOM-Based XSS.This issue affects King Addons for Elementor: from n/a through <= 51.1.37.
CVE-2025-62885 2 Rextheme, Wordpress 2 Wp Vr, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through <= 8.5.42.
CVE-2025-62076 1 Wordpress 1 Wordpress 2025-11-13 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ido Kobelkowsky Simple Payment simple-payment.This issue affects Simple Payment: from n/a through <= 2.4.6.
CVE-2025-62074 2 Amauri, Wordpress 2 Wpmobile.app, Wordpress 2025-11-13 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through <= 11.71.
CVE-2025-62069 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.8.
CVE-2025-62068 2 E2pdf, Wordpress 2 E2pdf, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through <= 1.28.09.
CVE-2025-62063 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks.This issue affects WP Travel Gutenberg Blocks: from n/a through <= 3.9.2.
CVE-2025-62060 2 Themepoints, Wordpress 2 Tab Ultimate, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Tab Ultimate tabs-pro.This issue affects Tab Ultimate: from n/a through <= 1.8.
CVE-2025-62059 1 Wordpress 1 Wordpress 2025-11-13 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through <= 1.3.2.
CVE-2025-62058 2 Favethemes, Wordpress 2 Houzez, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62057 2 Favethemes, Wordpress 2 Houzez, Wordpress 2025-11-13 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62051 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core.This issue affects UDesign Core: from n/a through <= 4.14.1.