CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 34410 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-29433	1 Donations Project	1 Donations	2025-02-20	4.1 Medium
Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress.
CVE-2022-29436	1 Code Snippets Extended Project	1 Code Snippets Extended	2025-02-20	4.7 Medium
Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery (vulnerable parameters &title, &snippet_code).
CVE-2022-25617	1 Codesnippets	1 Code Snippets	2025-02-20	4.7 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.
CVE-2022-29449	1 Wpopal	1 Opal Hotel Room Booking	2025-02-20	4.1 Medium
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Opal Hotel Room Booking plugin <= 1.2.7 at WordPress.
CVE-2021-36833	1 Mailchimp For Wordpress Project	1 Mailchimp For Wordpress	2025-02-20	4.8 Medium
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode's MC4WP plugin <= 4.8.6 at WordPress.
CVE-2022-29424	1 Oxilab	1 Image Hover Effects Ultimate	2025-02-20	4.8 Medium
Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress.
CVE-2022-29425	1 Wpwham	1 Checkout Files Upload For Woocommerce	2025-02-20	6.1 Medium
Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress.
CVE-2022-29426	1 2joomla	1 2j Slideshow	2025-02-20	5.4 Medium
Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress.
CVE-2022-29428	1 Muneeb	1 Wp Slider	2025-02-20	4.1 Medium
Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.
CVE-2022-29430	1 Png To Jpg Project	1 Png To Jpg	2025-02-20	4.7 Medium
Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality.
CVE-2022-29432	1 Tms-outsource	1 Wpdatatables	2025-02-20	3.4 Low
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters.
CVE-2022-29408	1 Vsourz	1 Advanced Cf7 Db	2025-02-20	4.7 Medium
Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress.
CVE-2021-36866	1 Fatcatapps	1 Easy Pricing Tables	2025-02-20	4.8 Medium
Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress.
CVE-2022-29455	1 Elementor	1 Website Builder	2025-02-20	4.7 Medium
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
CVE-2021-36901	1 Asylumdigital	1 Age Gate	2025-02-20	6.1 Medium
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress.
CVE-2022-27859	1 Nicdark	1 Nd-travel	2025-02-20	4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress.
CVE-2022-29406	1 Dynamicweblab	1 Wp-team-manager	2025-02-20	4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress.
CVE-2022-29438	1 Nextcode	1 Image Slider By Nextcode	2025-02-20	4.8 Medium
Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress.
CVE-2022-29440	1 Promotion Slider Project	1 Promotion Slider	2025-02-20	5.4 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress.
CVE-2022-29442	1 Private Messages Project	1 Private Messages	2025-02-20	5.4 Medium
Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress.

« first previous Page 99 of 1721. next last »