CWE-CWE-79 CVE - OpenCVE

Filtered by CWE-79

Total 42675 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-22813			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Conversational Forms for ChatBot conversational-forms allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through <= 1.4.2.
CVE-2025-22812			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aezaz Shaikh News Ticker Widget for Elementor news-ticker-widget-for-elementor allows Stored XSS.This issue affects News Ticker Widget for Elementor: from n/a through <= 1.3.2.
CVE-2025-22811			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristian Stan MT Addons for Elementor mt-addons-for-elementor allows Stored XSS.This issue affects MT Addons for Elementor: from n/a through <= 1.0.6.
CVE-2025-22810			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phi Phan Content Blocks Builder content-blocks-builder allows Stored XSS.This issue affects Content Blocks Builder: from n/a through <= 2.7.6.
CVE-2025-22809			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in theme funda PDF Catalog Woocommerce pdf-catalog-woocommerce allows DOM-Based XSS.This issue affects PDF Catalog Woocommerce: from n/a through <= 2.0.
CVE-2025-22808			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Surbma Surbma \| Premium WP surbma-premium-wp allows DOM-Based XSS.This issue affects Surbma \| Premium WP: from n/a through <= 9.0.
CVE-2025-22807			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Responsive Flickr Slideshow mobile-friendly-flickr-slideshow allows Stored XSS.This issue affects Responsive Flickr Slideshow: from n/a through <= 2.6.0.
CVE-2025-22806	1 Modernaweb	1 Black Widgets For Elementor	2026-04-01	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor black-widgets allows DOM-Based XSS.This issue affects Black Widgets For Elementor: from n/a through <= 1.3.8.
CVE-2025-22805			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Skill Bar skillbars allows Stored XSS.This issue affects Skill Bar: from n/a through <= 1.2.
CVE-2025-22804			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through <= 2.1.23.
CVE-2025-22803			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Advanced Product Information for WooCommerce woo-advanced-product-information allows Stored XSS.This issue affects Advanced Product Information for WooCommerce: from n/a through <= 1.1.4.
CVE-2025-22802			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail yeemail allows Stored XSS.This issue affects Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail: from n/a through <= 2.1.4.
CVE-2025-22801			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through <= 1.2.8.
CVE-2025-22798			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through <= 1.1.1.
CVE-2025-22797			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oğulcan Özügenç Gallery and Lightbox gallery-and-lightbox allows Stored XSS.This issue affects Gallery and Lightbox: from n/a through <= 1.0.14.
CVE-2025-22796			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in platcom WP-Asambleas wp-asambleas allows Reflected XSS.This issue affects WP-Asambleas: from n/a through <= 2.85.0.
CVE-2025-22795			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Reflected XSS.This issue affects Multilang Contact Form: from n/a through <= 1.5.
CVE-2025-22794			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ianhaycox World Cup Predictor world-cup-predictor allows Reflected XSS.This issue affects World Cup Predictor: from n/a through <= 1.9.8.
CVE-2025-22793			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bold Bold pagos en linea bold-pagos-en-linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through <= 3.1.4.
CVE-2025-22788			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through <= 4.29.

Vulnerabilities (CVE)