Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21538

21538 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2870 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System — Clinic Queuing System 6.1 -2025-03-28
CVE-2025-2869 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System — Clinic Queuing System 6.1 -2025-03-28
CVE-2025-2868 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System — Clinic Queuing System 6.1 -2025-03-28
CVE-2025-31073 WordPress Unlimited plugin <= 1.45 - Cross Site Scripting (XSS) Vulnerability — Unlimited 6.5 Medium2025-03-28
CVE-2025-31077 WordPress Ultimate Blocks plugin <= 3.2.7 - Cross Site Scripting (XSS) vulnerability — Ultimate Blocks 6.5 Medium2025-03-28
CVE-2025-31088 WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability — Paid Member Subscriptions 6.5 Medium2025-03-28
CVE-2025-31083 WordPress Leaky Paywall plugin <= 4.21.7 - Cross Site Scripting (XSS) Vulnerability — Leaky Paywall 6.5 Medium2025-03-28
CVE-2025-31090 WordPress Dropdown Multisite selector plugin < 0.9.4 - Cross Site Scripting (XSS) Vulnerability — Dropdown Multisite selector 6.5 Medium2025-03-28
CVE-2025-31094 WordPress WP Posts Carousel plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability — WP Posts Carousel 6.5 Medium2025-03-28
CVE-2025-31093 WordPress RPS Include Content plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability — RPS Include Content 6.5 Medium2025-03-28
CVE-2025-31096 WordPress PostX plugin <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability — PostX 6.5 Medium2025-03-28
CVE-2025-31102 WordPress Hostel plugin <= 1.1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability — Hostel 7.1 High2025-03-28
CVE-2019-16149 Fortinet FortiClient Enterprise Management Server 跨站脚本漏洞 — FortiClientEMS 5.4 Medium2025-03-28
CVE-2025-1705 tagDiv Composer <= 5.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting — tagDiv Composer 6.1 Medium2025-03-28
CVE-2025-27574 KDDI HGW BL1500HM 跨站脚本漏洞 — HGW-BL1500HM 6.1 -2025-03-28
CVE-2025-27567 KDDI HGW BL1500HM 跨站脚本漏洞 — HGW-BL1500HM 6.1 -2025-03-28
CVE-2025-2804 tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'account_id' and 'account_username' — tagDiv Composer 6.1 Medium2025-03-28
CVE-2024-58128 MISP 安全漏洞 — MISP 5.5 Medium2025-03-28
CVE-2024-58129 MISP 安全漏洞 — MISP 5.5 Medium2025-03-28
CVE-2024-58130 MISP 安全漏洞 — MISP 7.2 High2025-03-28
CVE-2025-31092 WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability — Click to Chat – WP Support All-in-One Floating Widget 6.5 Medium2025-03-27
CVE-2025-2878 Kentico CMS Additional Database Installation Wizard install.aspx cross site scripting — CMS 2.4 Low2025-03-27
CVE-2025-31101 WordPress VaultRE Contact Form 7 plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — VaultRE Contact Form 7 5.9 Medium2025-03-27
CVE-2025-31031 WordPress Job Colors for WP Job Manager plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Job Colors for WP Job Manager 5.9 Medium2025-03-27
CVE-2025-26874 WordPress MemberSpace plugin <= 2.1.13 - Reflected Cross Site Scripting (XSS) vulnerability — MemberSpace 7.1 High2025-03-27
CVE-2025-30366 WeGIA vulnerable to Stored XSS in personalizacao.php — WeGIA 5.4AIMediumAI2025-03-27
CVE-2025-30363 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter dados_addInfo — WeGIA 5.4AIMediumAI2025-03-27
CVE-2025-30362 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter id — WeGIA 5.4AIMediumAI2025-03-27
CVE-2025-26762 WordPress WooCommerce plugin <= 9.7.0 - Cross Site Scripting (XSS) vulnerability — WooCommerce 5.9 Medium2025-03-27
CVE-2025-22278 WordPress Whitish Lite theme <= 2.1.13 - Stored Cross Site Scripting (XSS) vulnerability — Whitish Lite 6.5 Medium2025-03-27

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.