Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21550

21550 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-26952 WordPress Business Card Block plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability — Business Card Block 6.5 Medium2025-02-25
CVE-2025-26945 WordPress Info Cards plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability — Info Cards 6.5 Medium2025-02-25
CVE-2025-26939 WordPress Counters Block plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability — Counters Block 6.5 Medium2025-02-25
CVE-2025-26947 WordPress Services Section block plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability — Services Section block 6.5 Medium2025-02-25
CVE-2025-26949 WordPress Team Section Block plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability — Team Section Block 6.5 Medium2025-02-25
CVE-2025-26938 WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability — Countdown Timer 6.5 Medium2025-02-25
CVE-2025-26937 WordPress Icon List Block plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability — Icon List Block 6.5 Medium2025-02-25
CVE-2025-26913 WordPress AR for WordPress plugin <= 7.7 - Cross Site Scripting (XSS) vulnerability — AR For WordPress 6.5 Medium2025-02-25
CVE-2025-26912 WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability — Easy Elementor Addons 6.5 Medium2025-02-25
CVE-2025-26907 WordPress Estatik Mortgage Calculator plugin <= 2.0.12 - Local File Inclusion vulnerability — Mortgage Calculator Estatik 7.5 High2025-02-25
CVE-2025-26897 WordPress List Related Attachments plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability — List Related Attachments 6.5 Medium2025-02-25
CVE-2025-26904 WordPress WP Responsive Auto Fit Text plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability — WP Responsive Auto Fit Text 6.5 Medium2025-02-25
CVE-2025-26893 WordPress Easy Charts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability — Easy Charts 6.5 Medium2025-02-25
CVE-2025-26896 WordPress PiwigoPress plugin <= 2.33 - Cross Site Scripting (XSS) vulnerability — PiwigoPress 6.5 Medium2025-02-25
CVE-2025-26881 WordPress Sticky Content plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability — Sticky Content 6.5 Medium2025-02-25
CVE-2025-26884 WordPress Greenshift plugin <= 10.8 - Cross Site Scripting (XSS) vulnerability — Greenshift 6.5 Medium2025-02-25
CVE-2025-26887 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability — EZ SQL Reports Shortcode Widget and DB Backup 6.5 Medium2025-02-25
CVE-2025-26882 WordPress Popup Builder plugin <= 1.1.33 - Cross Site Scripting (XSS) vulnerability — Popup Builder 6.5 Medium2025-02-25
CVE-2025-26891 WordPress Ibtana plugin <= 1.2.5.9 - Cross Site Scripting (XSS) vulnerability — Ibtana 6.5 Medium2025-02-25
CVE-2025-26877 WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability — Front End Users 6.5 Medium2025-02-25
CVE-2025-26878 WordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.8.0.1 - Cross Site Scripting (XSS) vulnerability — Autoship Cloud for WooCommerce Subscription Products 6.5 Medium2025-02-25
CVE-2025-26868 WordPress Fast Flow plugin <= 1.2.16 - Reflected Cross Site Scripting (XSS) vulnerability — Fast Flow 7.1 High2025-02-25
CVE-2025-26751 WordPress Alphabetic Pagination Plugin <= 3.2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Alphabetic Pagination 7.1 High2025-02-25
CVE-2024-54444 WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability — Elementor Website Builder 6.5 Medium2025-02-25
CVE-2025-26987 WordPress Frontend Admin by DynamiApps plugin <= 3.25.17 - Reflected Cross Site Scripting (XSS) vulnerability — Frontend Admin by DynamiApps 7.1 High2025-02-25
CVE-2025-26530 Reflected XSS via question bank filter — moodle 8.3 High2025-02-24
CVE-2025-26529 Stored XSS risk in admin live log — moodle 8.3 High2025-02-24
CVE-2025-26528 Stored XSS in ddimageortext question type — moodle 3.4 Low2025-02-24
CVE-2025-27352 WordPress 无觅相关文章插件 plugin <= 1.0.5.7 - CSRF to Cross Site Scripting (XSS) vulnerability — 无觅相关文章插件 7.1 High2025-02-24
CVE-2025-27351 WordPress Local Search SEO Contact Page plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability — Local Search SEO Contact Page 6.5 Medium2025-02-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21550 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.