Fallos del tipo CWE-80
552 resultadosCVE-2025-14186MEDIUMGrandstream GXP1625 Network Status api.values.post cross site scriptingEPSS 0.2%CVE-2025-8621MEDIUMMosaic Generator <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'c' ParameterEPSS 0.2%CVE-2025-11161MEDIUMWPBakery Page Builder <= 8.6.1 - Stored Cross-Site Scripting via vc_custom_heading ShortcodeEPSS 0.2%CVE-2026-28132MEDIUMWordPress WooCommerce Photo Reviews plugin <= 1.4.4 - Content Injection vulnerabilityEPSS 0.2%CVE-2025-11160MEDIUMWPBakery Page Builder <= 8.6.1 - Stored Cross-Site Scripting via Custom JS ModuleEPSS 0.2%CVE-2025-11745MEDIUMAd Inserter <= 2.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom FieldEPSS 0.2%CVE-2025-29426MEDIUMCode-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/class.php via the id and cyEPSS 0.2%CVE-2025-31075MEDIUMWordPress MicroPayments plugin <= 2.9.29 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-14792MEDIUMKey Figures <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting via kf_field_figure_default_color_renderEPSS 0.2%CVE-2025-5686MEDIUMPaged Gallery <= 0.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-52564MEDIUMChamilo: HTML injection via open parameterEPSS 0.2%CVE-2026-35460MEDIUMPapra has an HTML Injection in Transactional Emails via Unescaped User Display NameEPSS 0.2%CVE-2026-11511MEDIUMBolt CMS HTML Attribute TextType.php HTML injectionEPSS 0.2%CVE-2025-11992MEDIUMMulti Item Responsive Slider <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-27514MEDIUMGLPI is susceptible to Stored XSS attack through project's kanbanEPSS 0.2%CVE-2025-60244HIGHWordPress TableOn plugin <= 1.0.5.1 - Content Injection vulnerabilityEPSS 0.2%CVE-2025-29431LOWCode-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, EPSS 0.2%CVE-2025-12753MEDIUMChart Expert <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-58054LOWDiscourse is vulnerable to XSS when quoting chat messagesEPSS 0.2%CVE-2026-39837MEDIUMStored XSS through the dynamic table format in CargoEPSS 0.2%