CWE-CWE-79 CVE - OpenCVE

Filtered by CWE-79

Total 42565 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-25082			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through <= 2.1.2.
CVE-2025-25080			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gubbigubbi Kona Gallery Block kona-instagram-feed-for-gutenberg allows Stored XSS.This issue affects Kona Gallery Block: from n/a through <= 1.7.
CVE-2025-25079			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Garrett Grimm Simple Select All Text Box simple-select-all-text-box allows Stored XSS.This issue affects Simple Select All Text Box: from n/a through <= 3.2.
CVE-2025-25078			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrew Norcross Google Earth Embed google-earth-tours allows Stored XSS.This issue affects Google Earth Embed: from n/a through <= 1.0.
CVE-2025-25077			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugbug Easy Chart Builder for WordPress easy-chart-builder allows Stored XSS.This issue affects Easy Chart Builder for WordPress: from n/a through <= 1.3.
CVE-2025-25076			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicholaswilson Graceful Email Obfuscation graceful-email-obfuscation allows Stored XSS.This issue affects Graceful Email Obfuscation: from n/a through <= 0.2.2.
CVE-2025-25073			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vasilis Triantafyllou Easy WP Tiles easy-wp-tiles allows Stored XSS.This issue affects Easy WP Tiles: from n/a through <= 1.
CVE-2025-25070			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ed atrero Album Reviewer albumreviewer allows Stored XSS.This issue affects Album Reviewer: from n/a through <= 2.0.2.
CVE-2025-24774			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce wpcrm allows Reflected XSS.This issue affects WPCRM - CRM for Contact form CF7 & WooCommerce: from n/a through <= 3.2.0.
CVE-2025-24771			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Reflected XSS.This issue affects Content Manager Light: from n/a through <= 3.2.
CVE-2025-24764			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A. Jones (Simply) Guest Author Name guest-author-name allows DOM-Based XSS.This issue affects (Simply) Guest Author Name: from n/a through <= 4.36.
CVE-2025-24758			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations cm-map-locations allows Reflected XSS.This issue affects CM Map Locations: from n/a through <= 2.0.8.
CVE-2025-24755			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 4.6.0.
CVE-2025-24752	1 Wpdeveloper	1 Essential Addons For Elementor	2026-04-01	N/A	6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.0.14.
CVE-2025-24746	1 Code-atlantic	1 Popup Maker	2026-04-01	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Popup Maker popup-maker allows Stored XSS.This issue affects Popup Maker: from n/a through <= 1.20.2.
CVE-2025-24745			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing classified-listing allows Reflected XSS.This issue affects Classified Listing: from n/a through <= 4.0.1.
CVE-2025-24732	1 Reputeinfosystems	1 Bookingpress	2026-04-01	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems BookingPress bookingpress-appointment-booking allows DOM-Based XSS.This issue affects BookingPress: from n/a through <= 1.1.25.
CVE-2025-24731	1 Ip2location	1 Country Blocker	2026-04-01	N/A	4.8 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker ip2location-country-blocker allows Stored XSS.This issue affects Download IP2Location Country Blocker: from n/a through <= 2.38.3.
CVE-2025-24730			2026-04-01	N/A	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through <= 8.5.14.
CVE-2025-24729	1 Elementinvader	1 Elementinvader Addons For Elementor	2026-04-01	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.3.3.

Vulnerabilities (CVE)