CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44278 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-28367	1 Vektor-inc	1 Vk All In One Expansion Unit	2025-01-17	5.4 Medium
Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.
CVE-2023-27926	1 Vektor-inc	1 Vk All In One Expansion Unit	2025-01-17	5.4 Medium
Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.
CVE-2023-27925	1 Vektor-inc	1 Vk Blocks	2025-01-17	5.4 Medium
Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.
CVE-2023-27923	1 Vektor-inc	1 Vk Blocks	2025-01-17	5.4 Medium
Cross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.
CVE-2025-23689			2025-01-17	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poco Blogger Image Import allows Stored XSS.This issue affects Blogger Image Import: from 2.1 through n/a.
CVE-2025-23775			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WWP GMAPS for WPBakery Page Builder Free allows Stored XSS.This issue affects GMAPS for WPBakery Page Builder Free: from n/a through 1.2.
CVE-2025-23777			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Willows Consulting Ltd. GDPR Personal Data Reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through 1.0.5.
CVE-2025-23794			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rccoder wp_amaps allows Stored XSS.This issue affects wp_amaps: from n/a through 1.7.
CVE-2025-23791			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RocaPress Horizontal Line Shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through 1.0.
CVE-2025-23807			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jimmy Hu Spiderpowa Embed PDF allows Stored XSS.This issue affects Spiderpowa Embed PDF: from n/a through 1.0.
CVE-2025-23854			2025-01-17	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YesStreaming.com Shoutcast and Icecast Internet Radio Hosting Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com allows Stored XSS.This issue affects Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com: from n/a through 3.3.
CVE-2025-23868			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markus Liebelt Chess Tempo Viewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through 0.9.5.
CVE-2025-23864			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Code Snippets (Luke America) WCS QR Code Generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through 1.0.
CVE-2025-23877			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nitethemes Nite Shortcodes allows Stored XSS.This issue affects Nite Shortcodes: from n/a through 1.0.
CVE-2025-23873			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshi Solutions Category D3 Tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through 1.1.
CVE-2025-23878			2025-01-17	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through 4.2.
CVE-2025-23886			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie allows Stored XSS.This issue affects Annie: from n/a through 2.1.1.
CVE-2025-23893			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Manuel Costales GMap Shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through 2.0.
CVE-2025-23876			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jens Remus WP krpano allows Stored XSS.This issue affects WP krpano: from n/a through 1.2.1.
CVE-2025-23908			2025-01-17	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rami Yushuvaev Pastebin allows Stored XSS.This issue affects Pastebin: from n/a through 1.5.

« first previous Page 1295 of 2214. next last »