Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536

21536 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2977 GFI KerioConnect PDF File cross site scripting — KerioConnect 3.5 Low2025-03-31
CVE-2025-2976 GFI KerioConnect File Upload cross site scripting — KerioConnect 3.5 Low2025-03-31
CVE-2025-2975 GFI KerioConnect Signature EditHtmlSource cross site scripting — KerioConnect 3.5 Low2025-03-31
CVE-2025-2974 CodeCanyon Perfex CRM Contracts contract cross site scripting — Perfex CRM 3.5 Low2025-03-31
CVE-2024-55093 phpIPAM 跨站脚本漏洞 — phpIPAM 5.4 Medium2025-03-31
CVE-2024-11180 ElementsKit Elementor addons <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor 6.4 Medium2025-03-29
CVE-2025-22566 WordPress ULTIMATE VIDEO GALLERY Plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — ULTIMATE VIDEO GALLERY 7.1 High2025-03-28
CVE-2025-22575 WordPress SUPER RESPONSIVE SLIDER Plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — SUPER RESPONSIVE SLIDER 7.1 High2025-03-28
CVE-2025-22767 WordPress GlobalPayments WooCommerce Plugin <= 1.13.2 - Reflected Cross Site Scripting (XSS) vulnerability — GlobalPayments WooCommerce 7.1 High2025-03-28
CVE-2025-22360 WordPress WP Azure offload plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability — WP Azure offload 7.1 High2025-03-28
CVE-2025-22356 WordPress Stencies plugin <= 0.58 - Reflected Cross Site Scripting (XSS) vulnerability — Stencies 7.1 High2025-03-28
CVE-2024-51624 WordPress Já-Já Pagamentos for WooCommerce plugin <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability — Já-Já Pagamentos for WooCommerce 7.1 High2025-03-28
CVE-2024-39311 Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction — publify 5.4 -2025-03-28
CVE-2025-2864 Reflected Cross-Site Scripting (XSS) vulnerability in saTECH BCU — saTECH BCU 6.1 -2025-03-28
CVE-2025-31433 WordPress Magic Embeds plugin <= 3.1.2 - Cross Site Scripting (XSS) Vulnerability — Magic Embeds 6.5 Medium2025-03-28
CVE-2025-31434 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability — FormLift for Infusionsoft Web Forms 6.5 Medium2025-03-28
CVE-2025-31437 WordPress WP-OGP plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability — WP-OGP 5.9 Medium2025-03-28
CVE-2025-31450 WordPress Toggle Box plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability — Toggle Box 6.5 Medium2025-03-28
CVE-2025-31451 WordPress wBounce plugin <= 1.8.1 - Cross Site Scripting (XSS) Vulnerability — wBounce 6.5 Medium2025-03-28
CVE-2025-31452 WordPress WP Ultimate Search plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability — WP Ultimate Search 6.5 Medium2025-03-28
CVE-2025-31453 WordPress YouTube SimpleGallery plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability — YouTube SimpleGallery 6.5 Medium2025-03-28
CVE-2025-31463 WordPress TGG WP Optimizer plugin <= 1.25 - Cross Site Scripting (XSS) Vulnerability — TGG WP Optimizer 5.9 Medium2025-03-28
CVE-2025-31464 WordPress Text Selection Color plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability — Text Selection Color 5.9 Medium2025-03-28
CVE-2025-31465 WordPress Better Section Navigation Widget plugin <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability — Better Section Navigation Widget 6.5 Medium2025-03-28
CVE-2025-31470 WordPress Page Takeover plugin <= 1.1.6 - Cross Site Scripting (XSS) Vulnerability — Page Takeover 5.9 Medium2025-03-28
CVE-2025-31471 WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — Duplicate Page and Post 5.9 Medium2025-03-28
CVE-2025-31472 WordPress Flatty plugin <= 2.0.0 - Cross Site Scripting (XSS) Vulnerability — Flatty 5.9 Medium2025-03-28
CVE-2025-31473 WordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Scripting (XSS) Vulnerability — WP Database Optimizer 5.9 Medium2025-03-28
CVE-2025-2870 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System — Clinic Queuing System 6.1 -2025-03-28
CVE-2025-2869 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System — Clinic Queuing System 6.1 -2025-03-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21536 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.