Exposure of jQuery
JavaScript libraries98
exposure score
6,030,061
sites use
1
exploited
0
critical
CVEs
54 resultsCVE-2017-15719—In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG ediEPSS 0.9%CVE-2021-34663MEDIUMjQuery Tagline Rotator <= 0.1.5 Reflected Cross-Site ScriptingEPSS 0.9%CVE-2018-1325—In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.EPSS 0.8%CVE-2021-32850MEDIUMjQuery MiniColors vulnerable to Cross-site ScriptingEPSS 0.8%CVE-2023-5430HIGHJquery news ticker <= 3.0 - Authenticated (Subscriber+) SQL Injection via ShortcodeEPSS 0.8%CVE-2023-5464HIGHJquery accordion slideshow <= 8.1 - Authenticated (Subscriber+) SQL Injection via ShortcodeEPSS 0.8%CVE-2022-1291HIGHXSS vulnerability with default `onCellHtmlData` function in hhurz/tableexport.jquery.pluginEPSS 0.7%CVE-2023-0171MEDIUMjQuery T(-) Countdown Widget < 2.3.24 - Contributor+ Stored XSSEPSS 0.6%CVE-2023-4890MEDIUMJQuery Accordion Menu Widget <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2023-5432MEDIUMJquery news ticker <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2021-24543—jQuery Reply to Comment <= 1.31 - CSRF to Stored Cross-Site ScriptingEPSS 0.4%CVE-2022-2144—Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRFEPSS 0.4%CVE-2024-24850MEDIUMWordPress Quicksand Post Filter jQuery plugin <= 3.1.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22546MEDIUMWordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-5667MEDIUMMultiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript LibraryEPSS 0.3%CVE-2025-3573MEDIUMVersions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may EPSS 0.3%CVE-2024-56287MEDIUMWordPress WP jQuery DataTable Plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-4783MEDIUMjQuery T(-) Countdown Widget <= 2.3.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via tminus ShortcodeEPSS 0.3%CVE-2026-3279MEDIUMEnable jQuery Migrate Helper <= 1.4.1 - Missing Authorization to Authenticated (Subscriber+) jQuery Version DowngradeEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →