CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 335521 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43911 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62752	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kalender.Digital Calendar.Online / Kalender.Digital allows DOM-Based XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.11.
CVE-2025-62750	2 Filipe Seabra, Wordpress	2 Woocommerce Parcelas, Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Filipe Seabra WooCommerce Parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through 1.3.5.
CVE-2025-62749	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6.
CVE-2025-62748	3 Genetech Products, Woocommerce, Wordpress	3 Web And Woocommerce Addons For Wpbakery Builder, Woocommerce, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.5.
CVE-2025-62746	2 Codeflavors, Wordpress	2 Featured Video For Wordpress & Videographywp, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeFlavors Featured Video for WordPress & VideographyWP allows Stored XSS.This issue affects Featured Video for WordPress & VideographyWP: from n/a through 1.0.18.
CVE-2025-62744	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Steman Page Title Splitter allows Stored XSS.This issue affects Page Title Splitter: from n/a through 2.5.9.
CVE-2025-62743	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through 3.5.5.
CVE-2025-62742	2 Curator, Wordpress	2 Curator.io, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Curator.Io allows Stored XSS.This issue affects Curator.Io: from n/a through 1.9.5.
CVE-2025-62149	1 Wordpress	1 Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SaifuMak Add Custom Codes allows Stored XSS.This issue affects Add Custom Codes: from n/a through 4.80.
CVE-2025-62146	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks allows Stored XSS.This issue affects MX Time Zone Clocks: from n/a through 5.1.1.
CVE-2025-62142	2 Cincopa, Wordpress	2 Video And Media Plug-in, Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicashmu Cincopa video and media plugin allows Stored XSS.This issue affects Cincopa video and media plug-in: from n/a through 1.163.
CVE-2025-62140	2 Plainwaire, Wordpress	2 Locatoraid Store Locator, Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.65.
CVE-2025-62137	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shuttlethemes Shuttle allows Stored XSS.This issue affects Shuttle: from n/a through 1.5.0.
CVE-2025-62136	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Melos allows Stored XSS.This issue affects Melos: from n/a through 1.6.0.
CVE-2025-62135	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in landwire Responsive Block Control allows DOM-Based XSS.This issue affects Responsive Block Control: from n/a through 1.2.9.
CVE-2025-62125	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through 3.0.
CVE-2025-62124	1 Wordpress	1 Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soli WP Post Signature allows Stored XSS.This issue affects WP Post Signature: from n/a through 0.4.1.
CVE-2025-62121	1 Wordpress	1 Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1.
CVE-2025-62119	1 Wordpress	1 Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through 2.0.0.
CVE-2025-62118	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kcseopro AdWords Conversion Tracking Code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through 1.0.

« first previous Page 93 of 2196. next last »