Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21538

21538 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2481 MediaView <= 1.1.2 - Reflected Cross-Site Scripting via id Parameter — MediaView 6.1 Medium2025-03-27
CVE-2025-27609 Icinga Web 2 Vulnerable to Reflected XSS — icingaweb2 6.1AIMediumAI2025-03-26
CVE-2025-27406 Icinga Reporting Stored XSS leads to SSRF — icingaweb2-module-reporting 7.7 High2025-03-26
CVE-2025-27405 Icinga Web 2 has XSS in embedded content — icingaweb2 7.7 High2025-03-26
CVE-2025-26739 WordPress newseqo theme <= 2.1.1 - Stored Cross Site Scripting (XSS) vulnerability — newseqo 6.5 Medium2025-03-26
CVE-2025-26747 WordPress RainbowNews theme <= 1.0.7 - Cross Site Scripting (XSS) vulnerability — RainbowNews 6.5 Medium2025-03-26
CVE-2025-26869 WordPress Build theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability — Build 6.5 Medium2025-03-26
CVE-2025-26922 WordPress AuraMart theme <= 2.0.7 - Cross Site Scripting (XSS) vulnerability — AuraMart 6.5 Medium2025-03-26
CVE-2025-26923 WordPress Event post plugin <= 5.9.8 - Cross Site Scripting (XSS) vulnerability — Event post 6.5 Medium2025-03-26
CVE-2025-26929 WordPress Accounting for WooCommerce plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability — Accounting for WooCommerce 5.9 Medium2025-03-26
CVE-2025-27014 WordPress Hostiko Theme < 30.1 - Cross Site Scripting (XSS) vulnerability — Hostiko 7.1 High2025-03-26
CVE-2025-28935 WordPress Fancybox Plus plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Fancybox Plus 7.1 High2025-03-26
CVE-2025-28924 WordPress ZenphotoPress plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability — ZenphotoPress 7.1 High2025-03-26
CVE-2025-28934 WordPress Simple Post Series plugin <= 2.4.4 - Reflected Cross Site Scripting (XSS) vulnerability — Simple Post Series 7.1 High2025-03-26
CVE-2025-28921 WordPress SpatialMatch IDX plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — SpatialMatch IDX 7.1 High2025-03-26
CVE-2025-28917 WordPress Custom Smilies plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability — Custom Smilies 7.1 High2025-03-26
CVE-2025-28928 WordPress Are you robot google recaptcha for Wordpress plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability — Are you robot google recaptcha for wordpress 7.1 High2025-03-26
CVE-2025-28911 WordPress Gravity 2 PDF plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Gravity 2 PDF 7.1 High2025-03-26
CVE-2025-28903 WordPress Driving Directions plugin <= 1.4.4 - Reflected Cross Site Scripting (XSS) vulnerability — Driving Directions 7.1 High2025-03-26
CVE-2025-28899 WordPress WP Event Ticketing plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability — WP Event Ticketing 7.1 High2025-03-26
CVE-2025-28889 WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting (XSS) vulnerability — Custom Product Stickers for Woocommerce 7.1 High2025-03-26
CVE-2025-28882 WordPress Omnify plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Omnify 7.1 High2025-03-26
CVE-2025-28885 WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability — Fiverr.com Official Search Box 6.5 Medium2025-03-26
CVE-2025-28890 WordPress Lightview Plus plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Lightview Plus 7.1 High2025-03-26
CVE-2025-28865 WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP Colorful Tag Cloud 7.1 High2025-03-26
CVE-2025-28869 WordPress NextGEN Gallery Voting plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability — NextGEN Gallery Voting 7.1 High2025-03-26
CVE-2025-28858 WordPress Arrow Maps plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Arrow Maps 7.1 High2025-03-26
CVE-2025-28877 WordPress Key4ce osTicket Bridge plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — Key4ce osTicket Bridge 7.1 High2025-03-26
CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability — Blue Captcha 7.1 High2025-03-26
CVE-2025-26583 WordPress Video Share VOD plugin <= 2.7.9 - Reflected Cross-Site Scripting vulnerability — Video Share VOD 7.1 High2025-03-26

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.