Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21546

21546 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-30573 WordPress My Default Post Content plugin <= - 0.7.3 Cross Site Scripting (XSS) Vulnerability — My Default Post Content 5.9 Medium2025-03-24
CVE-2025-30566 WordPress Clink plugin <= 1.2.2 - Cross Site Scripting (XSS) Vulnerability — Clink 6.5 Medium2025-03-24
CVE-2025-30553 WordPress GMO Font Agent plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability — GMO Font Agent 6.5 Medium2025-03-24
CVE-2025-30551 WordPress Pretty file links plugin <= 0.9 - Cross Site Scripting (XSS) vulnerability — Pretty file links 6.5 Medium2025-03-24
CVE-2025-30545 WordPress issuuPress plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — issuuPress 5.9 Medium2025-03-24
CVE-2025-30540 WordPress AvaiBook plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability — AvaiBook 5.9 Medium2025-03-24
CVE-2025-30539 WordPress BMo Expo plugin <= 1.0.15 - Cross Site Scripting (XSS) vulnerability — BMo Expo 5.9 Medium2025-03-24
CVE-2025-30537 WordPress Upload Quota per User plugin <= 1.3 - Cross Site Scripting (XSS) Vulnerability — Upload Quota per User 5.9 Medium2025-03-24
CVE-2025-30536 WordPress Beautiful Link Preview plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Beautiful Link Preview 5.9 Medium2025-03-24
CVE-2025-30532 WordPress Weather Layer plugin <= 4.2.1 - Cross Site Scripting (XSS) vulnerability — Weather Layer 5.9 Medium2025-03-24
CVE-2025-30533 WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability — Message ticker 5.9 Medium2025-03-24
CVE-2025-30530 WordPress AI Preloader plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — AI Preloader 5.9 Medium2025-03-24
CVE-2025-30527 WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability — My Bootstrap Menu 5.9 Medium2025-03-24
CVE-2025-2700 michelson Dante Editor Insert Link cross site scripting — Dante Editor 3.5 Low2025-03-24
CVE-2025-2699 GetmeUK ContentTools Image cross site scripting — ContentTools 3.5 Low2025-03-24
CVE-2025-2673 code-projects Payroll Management System home_employee.php cross site scripting — Payroll Management System 3.5 Low2025-03-23
CVE-2025-2650 PHPGurukul Medical Card Generation System download-medical-cards.php cross site scripting — Medical Card Generation System 3.5 Low2025-03-23
CVE-2025-2645 PHPGurukul Art Gallery Management System product.php cross site scripting — Art Gallery Management System 3.5 Low2025-03-23
CVE-2025-2623 westboy CicadasCMS save cross site scripting — CicadasCMS 3.5 Low2025-03-22
CVE-2025-2617 yangyouwang 杨有旺 crud 简约后台管理系统 Department Page cross site scripting — crud 简约后台管理系统 2.4 Low2025-03-22
CVE-2025-26796 Apache Oozie: XSS in Oozie Web Console — Apache Oozie 6.1 -2025-03-22
CVE-2025-2577 Bitspecter Suite <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Bitspecter Suite 6.4 Medium2025-03-22
CVE-2025-2616 yangyouwang 杨有旺 crud 简约后台管理系统 Role Management Page cross site scripting — crud 简约后台管理系统 2.4 Low2025-03-22
CVE-2025-2482 Gotcha | Gesture-based Captcha <= 1.0.0 - Reflected Cross-Site Scripting via menu Parameter — Gotcha | Gesture-based Captcha 6.1 Medium2025-03-22
CVE-2025-2484 Multi Video Box <= 1.5.2 - Reflected Cross-Site Scripting via video_id and group_id Parameters — Multi Video Box 6.1 Medium2025-03-22
CVE-2025-2477 CryoKey <= 2.4 - Reflected Cross-Site Scripting via 'ckemail' Parameter — CryoKey 4.7 Medium2025-03-22
CVE-2025-2479 Easy Custom Admin Bar <= 1.0 - Reflected Cross-Site Scripting via msg Parameter — Easy Custom Admin Bar 6.1 Medium2025-03-22
CVE-2024-13739 Newsletters <= 4.9.9.7 - Reflected Cross-Site Scripting via To Parameter — Newsletters 6.1 Medium2025-03-22
CVE-2025-2609 MagnusBilling Stored Cross-Site Scripting in Login Logs — MagnusBilling 8.2 High2025-03-21
CVE-2025-2610 MagnusBilling Stored Cross-Site Scripting in Alarm Module — MagnusBilling 7.6 High2025-03-21

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21546 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.