Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-47852 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.8 Medium2025-05-20
CVE-2025-47853 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.8 Medium2025-05-20
CVE-2025-47851 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.8 Medium2025-05-20
CVE-2025-41228 VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability — vCenter Server 4.3 Medium2025-05-20
CVE-2025-40633 Stored Cross-Site Scripting (XSS) in Koibox — Koibox 5.4AIMediumAI2025-05-20
CVE-2025-4951 Rapid7 AppSpider Pro 安全漏洞 — AppSpider Pro 4.6 Medium2025-05-20
CVE-2024-5878 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via SimpleLightbox JavaScript Library — Simplelightbox 6.4 Medium2025-05-20
CVE-2025-31027 WordPress Tiger theme <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Tiger 7.1 High2025-05-19
CVE-2025-39365 WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — wProject 7.1 High2025-05-19
CVE-2025-39372 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress Events Calendar Registration & Tickets 7.1 High2025-05-19
CVE-2025-39392 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability — WPAMS 7.1 High2025-05-19
CVE-2025-39393 WordPress Hospital Management System plugin <= 47.0(20-11-2023) - Cross Site Scripting (XSS) vulnerability — Hospital Management System 7.1 High2025-05-19
CVE-2025-47946 symfony/ux-live-component and symfony/ux-twig-component vulnerable to unsanitized HTML attribute injection via ComponentAttributes — ux 6.1 Medium2025-05-19
CVE-2025-39407 WordPress Memberpress plugin < 1.12.0 - Reflected Cross Site Scripting (XSS) vulnerability — Memberpress 7.1 High2025-05-19
CVE-2025-39409 WordPress WordPress Video Robot - The Ultimate Video Importer plugin <= 1.20.0 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress Video Robot - The Ultimate Video Importer 7.1 High2025-05-19
CVE-2025-39446 WordPress Booster Plus for WooCommerce plugin <= 7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability — Booster Plus for WooCommerce 7.1 High2025-05-19
CVE-2025-43832 WordPress Remote Images Grabber plugin <= 0.6 - Reflected Cross Site Scripting (XSS) vulnerability — Remote Images Grabber 7.1 High2025-05-19
CVE-2025-43836 WordPress Syndicate Out <= 0.9 - Cross Site Scripting (XSS) Vulnerability — Syndicate Out 7.1 High2025-05-19
CVE-2025-43837 WordPress Total Donations <= 3.0.8 - Cross Site Scripting (XSS) Vulnerability — Total Donations 7.1 High2025-05-19
CVE-2025-43839 WordPress BP Messages Tool plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability — BP Messages Tool 7.1 High2025-05-19
CVE-2025-26997 WordPress Wireless Butler plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability — Wireless Butler 7.1 High2025-05-19
CVE-2025-39448 WordPress JetElements For Elementor plugin <= 2.7.4.1 - Cross Site Scripting (XSS) vulnerability — JetElements For Elementor 6.5 Medium2025-05-19
CVE-2025-39450 WordPress JetTabs plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability — JetTabs 6.5 Medium2025-05-19
CVE-2025-43834 WordPress cookieBAR plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability — cookieBAR 5.9 Medium2025-05-19
CVE-2025-43841 WordPress WP Vegas plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability — WP Vegas 6.5 Medium2025-05-19
CVE-2025-46262 WordPress Mad Mimi for WordPress plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability — Mad Mimi for WordPress 6.5 Medium2025-05-19
CVE-2025-46263 WordPress Author Box After Posts plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability — Author Box After Posts 6.5 Medium2025-05-19
CVE-2025-46543 WordPress Enhanced Paypal Shortcodes plugin <= 0.5a - Cross Site Scripting (XSS) vulnerability — Enhanced Paypal Shortcodes 6.5 Medium2025-05-19
CVE-2025-39369 WordPress Posts for Page plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability — Posts for Page 6.5 Medium2025-05-19
CVE-2025-32920 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Cross Site Scripting (XSS) vulnerability — TI WooCommerce Wishlist 6.5 Medium2025-05-19

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.