Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-11376 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting — s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions 6.1 Medium2025-02-18
CVE-2024-13582 Simple Pricing Tables For WPBakery Page Builder(Formerly Visual Composer) <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simple Pricing Tables For WPBakery Page Builder(Formerly Visual Composer) 6.4 Medium2025-02-18
CVE-2024-13464 Library Bookshelves <= 5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting — Library Bookshelves 6.4 Medium2025-02-18
CVE-2024-13565 Simple Map No Api <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter — Simple Map No Api 6.4 Medium2025-02-18
CVE-2024-13848 Reaction Buttons <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting — Reaction Buttons 5.5 Medium2025-02-18
CVE-2024-13573 Zigaform – Form Builder Lite <= 7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Zigaform – Form Builder Lite 6.4 Medium2025-02-18
CVE-2024-13576 Gumlet Video <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gumlet Video 6.4 Medium2025-02-18
CVE-2024-12525 Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy MLS Listings Import 6.4 Medium2025-02-18
CVE-2024-13588 Simplebooklet PDF Viewer and Embedder <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simplebooklet PDF Viewer and Embedder 6.4 Medium2025-02-18
CVE-2024-13577 CATS Job Listings <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — CATS Job Listings 6.4 Medium2025-02-18
CVE-2024-12813 Open Hours – Easy Opening Hours <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Open Hours – Easy Opening Hours 6.4 Medium2025-02-18
CVE-2024-13579 WP-Asambleas <= 2.85.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP-Asambleas 6.4 Medium2025-02-18
CVE-2024-13578 WP-BibTeX <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP-BibTeX 6.4 Medium2025-02-18
CVE-2024-13501 WP-FormAssembly <= 2.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WP-FormAssembly 6.4 Medium2025-02-18
CVE-2025-0805 Mortgage Calculator / Loan Calculator <= 1.5.20 - Authenticated (Contributor+) Stored Cross-Site Scripting — Mortgage Calculator / Loan Calculator 6.4 Medium2025-02-18
CVE-2024-13581 Simple Charts <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simple Charts 6.4 Medium2025-02-18
CVE-2024-13587 Zigaform – Price Calculator & Cost Estimation Form Builder Lite <= 7.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Zigaform – Price Calculator & Cost Estimation Form Builder Lite 6.4 Medium2025-02-18
CVE-2025-1392 D-Link DIR-816 index.html cross site scripting — DIR-816 3.5 Low2025-02-17
CVE-2025-23840 WordPress WP-NOTCAPTCHA Plugin <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP-NOTCAPTCHA 7.1 High2025-02-17
CVE-2025-23845 WordPress ImageMeta Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — ImageMeta 7.1 High2025-02-17
CVE-2025-26772 WordPress DethemeKit For Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability — DethemeKit For Elementor 6.5 Medium2025-02-17
CVE-2025-26778 WordPress Gallery Custom Links Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability — Gallery 5.9 Medium2025-02-17
CVE-2025-26775 WordPress BEAR Plugin <= 1.1.4.4 - Cross Site Scripting (XSS) vulnerability — BEAR 5.9 Medium2025-02-17
CVE-2025-26769 WordPress Vertex Addons for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability — Vertex Addons for Elementor 6.5 Medium2025-02-17
CVE-2025-26771 WordPress SKT Blocks plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability — SKT Blocks 6.5 Medium2025-02-17
CVE-2025-26770 WordPress Waymark plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Waymark 6.5 Medium2025-02-17
CVE-2025-26754 WordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — Timeline Block 6.5 Medium2025-02-17
CVE-2025-0924 WP Activity Log <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting — WP Activity Log 7.2 High2025-02-17
CVE-2025-26766 WordPress Leyka plugin <= 3.31.8 - Cross Site Scripting (XSS) vulnerability — Leyka 6.5 Medium2025-02-16
CVE-2025-26767 WordPress Qubely plugin <= 1.8.12 - Cross Site Scripting (XSS) vulnerability — Qubely 6.5 Medium2025-02-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.