Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-52786 WordPress Media Folder plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability — Media Folder 7.1 High2025-07-16
CVE-2025-52787 WordPress Tennis Court Bookings plugin <= 1.2.7 - Cross Site Scripting (XSS) Vulnerability — Tennis Court Bookings 7.1 High2025-07-16
CVE-2024-10032 Eclipse GlassFish 跨站脚本漏洞 — Eclipse Glassfish 4.8 -2025-07-16
CVE-2024-10031 Eclipse GlassFish 跨站脚本漏洞 — Eclipse Glassfish 5.4 -2025-07-16
CVE-2024-10029 Eclipse GlassFish 跨站脚本漏洞 — Eclipse Glassfish 6.1 -2025-07-16
CVE-2024-9343 Eclipse GlassFish 跨站脚本漏洞 — Eclipse Glassfish 4.8 -2025-07-16
CVE-2025-48156 WordPress Image Wall plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability — Image Wall 6.5 Medium2025-07-16
CVE-2025-48295 WordPress Easy Elementor Addons plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability — Easy Elementor Addons 6.5 Medium2025-07-16
CVE-2025-54051 WordPress LightBox Block plugin <= 1.1.30 - Cross Site Scripting (XSS) Vulnerability — LightBox Block 6.5 Medium2025-07-16
CVE-2025-54050 WordPress Responsive Addons for Elementor plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability — Responsive Addons for Elementor 6.5 Medium2025-07-16
CVE-2025-54024 WordPress WPAdverts plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability — WPAdverts 6.5 Medium2025-07-16
CVE-2025-54023 WordPress WP Delicious plugin <= 1.8.4 - Cross Site Scripting (XSS) Vulnerability — WP Delicious 6.5 Medium2025-07-16
CVE-2025-54016 WordPress Videopack plugin <= 4.10.3 - Cross Site Scripting (XSS) Vulnerability — Videopack 6.5 Medium2025-07-16
CVE-2025-54013 WordPress Welcart e-Commerce plugin <= 2.11.16 - Cross Site Scripting (XSS) Vulnerability — Welcart e-Commerce 5.9 Medium2025-07-16
CVE-2025-54009 WordPress JetSmartFilters plugin <= 3.6.8 - Cross Site Scripting (XSS) Vulnerability — JetSmartFilters 6.5 Medium2025-07-16
CVE-2025-54006 WordPress Bold Page Builder plugin <= 5.4.1 - Cross Site Scripting (XSS) Vulnerability — Bold Page Builder 6.5 Medium2025-07-16
CVE-2025-53994 WordPress JetPopup plugin <= 2.0.15 - Cross Site Scripting (XSS) Vulnerability — JetPopup 6.5 Medium2025-07-16
CVE-2025-53996 WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability — JetSearch 6.5 Medium2025-07-16
CVE-2025-53995 WordPress JetPopup plugin <= 2.0.15.1 - Cross Site Scripting (XSS) Vulnerability — JetPopup 6.5 Medium2025-07-16
CVE-2025-53991 WordPress JetTricks plugin <= 1.5.4.1 - Cross Site Scripting (XSS) Vulnerability — JetTricks 6.5 Medium2025-07-16
CVE-2025-53989 WordPress JetBlocks For Elementor plugin <= 1.3.19 - Cross Site Scripting (XSS) Vulnerability — JetBlocks For Elementor 6.5 Medium2025-07-16
CVE-2025-53984 WordPress JetTabs plugin <= 2.2.9 - Cross Site Scripting (XSS) Vulnerability — JetTabs 6.5 Medium2025-07-16
CVE-2025-53982 WordPress JetElements For Elementor plugin <= 2.7.7 - Cross Site Scripting (XSS) Vulnerability — JetElements For Elementor 6.5 Medium2025-07-16
CVE-2025-40724 Stored Cross-Site Scripting (XSS) in Pharmacy POS PHP Script — Pharmacy POS PHP Script 6.1AIMediumAI2025-07-16
CVE-2025-7035 Media Library Assistant <= 3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_tag_cloud and mla_term_list Shortcodes — Media Library Assistant 6.4 Medium2025-07-16
CVE-2025-5284 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits 6.4 Medium2025-07-16
CVE-2025-6747 Avada (Fusion) Builder <= 3.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Avada (Fusion) Builder 6.4 Medium2025-07-16
CVE-2025-5843 Brandfolder <= 5.0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — Brandfolder – Digital Asset Management Simplified. 6.4 Medium2025-07-16
CVE-2025-5845 Affiliate Reviews <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via numColumns Parameter — Affiliate Reviews 6.4 Medium2025-07-16
CVE-2025-2800 WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' — WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce 7.2 High2025-07-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.