Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21534

21534 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-4774 Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Premium Addons for Elementor – Powerful Elementor Templates & Widgets 6.4 Medium2025-06-10
CVE-2025-3117 Schneider Electric Modicon Controllers 跨站脚本漏洞 — Modicon Controllers M241/M251 5.4 Medium2025-06-10
CVE-2025-3905 Schneider Electric Modicon Controllers 跨站脚本漏洞 — Modicon Controllers M241/M251 5.4 Medium2025-06-10
CVE-2025-3899 Schneider Electric Modicon Controllers 跨站脚本漏洞 — Modicon Controllers M241/M251 5.4 Medium2025-06-10
CVE-2025-5742 Schneider Electric EVLink WallBox 跨站脚本漏洞 — EVLink WallBox 5.4 Medium2025-06-10
CVE-2025-3076 Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Elementor Website Builder Pro 6.4 Medium2025-06-10
CVE-2025-42990 HTML Injection in Unprotected SAPUI5 applications — SAPUI5 applications 3.0 Low2025-06-10
CVE-2025-31325 Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver (ABAP Keyword Documentation) — SAP NetWeaver (ABAP Keyword Documentation) 5.8 Medium2025-06-10
CVE-2025-23192 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (BI Workspace) — SAP BusinessObjects Business Intelligence (BI Workspace) 8.2 High2025-06-10
CVE-2025-49137 Hax CMS Stored Cross-Site Scripting vulnerability — issues 8.5 High2025-06-09
CVE-2025-5887 jsnjfz WebStack-Guns File Upload UserMgrController.java cross site scripting — WebStack-Guns 3.5 Low2025-06-09
CVE-2025-5886 Emlog article.php cross site scripting — Emlog 3.5 Low2025-06-09
CVE-2025-31057 WordPress Universal Video Player plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — Universal Video Player 7.1 High2025-06-09
CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability — Revolution Video Player 7.1 High2025-06-09
CVE-2025-31061 WordPress Wishlist plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Wishlist 7.1 High2025-06-09
CVE-2025-31426 WordPress Sticky Radio Player plugin <= 3.4 - Reflected Cross Site Scripting (XSS) vulnerability — Sticky Radio Player 7.1 High2025-06-09
CVE-2025-31917 WordPress Universal Video Player plugin <= 3.8.3 - Reflected Cross Site Scripting (XSS) vulnerability — Universal Video Player 7.1 High2025-06-09
CVE-2025-31638 WordPress Spare <= 1.7 - Cross Site Scripting (XSS) Vulnerability — Spare 7.1 High2025-06-09
CVE-2025-31925 WordPress SHOUT plugin <= 3.5.3 - Reflected Cross Site Scripting (XSS) vulnerability — SHOUT 7.1 High2025-06-09
CVE-2025-32305 WordPress FlatNews theme <= 5.8 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress FlatNews Theme 7.1 High2025-06-09
CVE-2025-39539 WordPress WP Email Delivery plugin <= 1.20.11.23 - Reflected Cross Site Scripting (XSS) vulnerability — WP Email Delivery 7.1 High2025-06-09
CVE-2025-47477 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.23 - Reflected Cross Site Scripting (XSS) vulnerability — Backup and Staging by WP Time Capsule 7.1 High2025-06-09
CVE-2025-47487 WordPress MC Woocommerce Wishlist plugin <= 1.9.1 - Cross Site Scripting (XSS) Vulnerability — MC Woocommerce Wishlist 7.1 High2025-06-09
CVE-2025-47598 WordPress History Log by click5 plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability — History Log by click5 6.5 Medium2025-06-09
CVE-2025-48143 WordPress Formulario de contacto SalesUp! plugin <= 1.0.14 - Reflected Cross Site Scripting (XSS) vulnerability — Formulario de contacto SalesUp! 7.1 High2025-06-09
CVE-2025-48279 WordPress WC MyParcel Belgium plugin <= 4.5.5-beta - Reflected Cross Site Scripting (XSS) vulnerability — WC MyParcel Belgium 7.1 High2025-06-09
CVE-2025-5884 Konica Minolta bizhub Display MFP Information List cross site scripting — bizhub 3.5 Low2025-06-09
CVE-2025-5879 WuKongOpenSource WukongCRM File Upload AdminSysConfigController.java cross site scripting — WukongCRM 3.5 Low2025-06-09
CVE-2025-49130 Laravel Translation Manager Vulnerable to Stored Cross-site Scripting — laravel-translation-manager 5.4AIMediumAI2025-06-09
CVE-2025-41437 Reflected XSS — OpManager 4.3 Medium2025-06-09

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.