Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53484 SecurePoll: Multiple locations vulnerable to Cross-Site Scripting (XSS) via unescaped input — Mediawiki - SecurePoll extension 6.1 -2025-07-04
CVE-2025-53482 IPInfo: Message key XSS through several IPInfo messages in infobox and popup — Mediawiki - IPInfo Extension 6.1 -2025-07-04
CVE-2025-7066 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau — Jirafeau 6.1 Medium2025-07-04
CVE-2025-6740 Contact Form 7 Database Addon <= 1.3.1 - Unauthenticated Stored Cross-Site Scripting via tmpD Parameter — Database Addon for Contact Form 7 – CFDB7 6.1 Medium2025-07-04
CVE-2025-24771 WordPress Content Manager Light plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability — Content Manager Light 7.1 High2025-07-04
CVE-2025-28968 WordPress WP Wall plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP Wall 7.1 High2025-07-04
CVE-2025-28976 WordPress Email Address Security by WebEmailProtector plugin <= 3.3.6 - Cross Site Scripting (XSS) Vulnerability — Email Address Security by WebEmailProtector 6.5 Medium2025-07-04
CVE-2025-28978 WordPress SB Breadcrumbs plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — SB Breadcrumbs 7.1 High2025-07-04
CVE-2025-31037 WordPress Homey theme <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability — Homey 7.1 High2025-07-04
CVE-2025-39487 WordPress Rankie plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerability — Rankie 7.1 High2025-07-04
CVE-2025-32311 WordPress Pressroom theme <= 7.0 - Reflected Cross Site Scripting (XSS) vulnerability — Pressroom 7.1 High2025-07-04
CVE-2025-48231 WordPress Booking Calendar Contact Form plugin <= 1.2.58 - Cross Site Scripting (XSS) Vulnerability — Booking Calendar Contact Form 6.5 Medium2025-07-04
CVE-2025-49247 WordPress Team Showcase plugin < 25.05.13 - Reflected Cross Site Scripting (XSS) vulnerability — Team Showcase 7.1 High2025-07-04
CVE-2025-49245 WordPress Testimonials Showcase plugin <= 1.9.16 - Reflected Cross Site Scripting (XSS) vulnerability — Testimonials Showcase 7.1 High2025-07-04
CVE-2025-49274 WordPress Neom Blog theme <= 0.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Neom Blog 7.1 High2025-07-04
CVE-2025-49866 WordPress Beautiful Cookie Consent Banner plugin <= 4.6.1 - Cross Site Scripting (XSS) Vulnerability — Beautiful Cookie Consent Banner 7.1 High2025-07-04
CVE-2025-52796 WordPress WP-Recall <= 16.26.14 - Cross Site Scripting (XSS) Vulnerability — WP-Recall 7.1 High2025-07-04
CVE-2025-52776 WordPress Video List Manager plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability — Video List Manager 7.1 High2025-07-04
CVE-2025-52798 WordPress JobSearch plugin < 3.0.6 - Reflected Cross Site Scripting (XSS) Vulnerability — JobSearch 7.1 High2025-07-04
CVE-2025-30983 WordPress Card flip image slideshow plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability — Card flip image slideshow 6.5 Medium2025-07-04
CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — Posts Slider Shortcode 6.5 Medium2025-07-04
CVE-2025-28971 WordPress Easy Elements Hider plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability — Easy Elements Hider 5.9 Medium2025-07-04
CVE-2025-28957 WordPress OwnerRez API plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability — OwnerRez API 6.5 Medium2025-07-04
CVE-2025-27326 WordPress Video Gallery Block plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability — Video Gallery Block 6.5 Medium2025-07-04
CVE-2025-26591 WordPress WP fancybox plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability — WP fancybox 6.5 Medium2025-07-04
CVE-2025-24764 WordPress (Simply) Guest Author Name plugin <= 4.36 - Cross Site Scripting (XSS) Vulnerability — (Simply) Guest Author Name 6.5 Medium2025-07-04
CVE-2025-24735 WordPress Chatra Live Chat + ChatBot + Cart Saver plugin <= 1.0.11 - Cross Site Scripting (XSS) Vulnerability — Chatra Live Chat + ChatBot + Cart Saver 7.7 High2025-07-04
CVE-2025-53566 WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 7.8 - Cross Site Scripting (XSS) Vulnerability — WP Visitor Statistics (Real Time Traffic) 6.5 Medium2025-07-04
CVE-2025-6673 Easy restaurant menu manager <= 2.0.1 - Authenticated (Contributot+) Stored Cross-Site Scripting via `nsc_eprm_menu_link` Shortcode — Easy restaurant menu manager 6.4 Medium2025-07-04
CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & Widgets 6.4 Medium2025-07-04

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.