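CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.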

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0747 | Stored Cross-Site vulnerability in EmbedAI — EmbedAI | 8.6 | High | 2025-01-30 |
| CVE-2025-0746 | Reflected Cross-Site Scripting vulnerability in EmbedAI — EmbedAI | 6.1 | Medium | 2025-01-30 |
| CVE-2024-12409 | Simple:Press Forum <= 6.10.11 - Reflected Cross-Site Scripting — Simple:Press Forum | 6.1 | Medium | 2025-01-30 |
| CVE-2024-13706 | WP Image Uploader <= 1.0.1 - Reflected Cross-Site Scripting — WP Image Uploader | 6.1 | Medium | 2025-01-30 |
| CVE-2024-12524 | Clinked Client Portal <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Clinked Client Portal | 6.4 | Medium | 2025-01-30 |
| CVE-2025-0860 | VR-Frases (collect & share quotes) <= 3.0.1 - Reflected Cross-Site Scripting — VR-Frases | 6.1 | Medium | 2025-01-30 |
| CVE-2024-13732 | Responsive Blocks – WordPress Gutenberg Blocks <= 1.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via section_tag Parameter — Responsive Blocks – Page Builder for Blocks & Patterns | 6.4 | Medium | 2025-01-30 |
| CVE-2024-13470 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Ninja Forms – The Contact Form Builder That Grows With You | 6.4 | Medium | 2025-01-30 |
| CVE-2024-13642 | Stratum – Elementor Widgets <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerability via Image Hotspot Widget — Stratum Widgets for Elementor | 6.4 | Medium | 2025-01-30 |
| CVE-2024-12921 | EthereumICO <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ethereum-ico Shortcode — EthereumICO | 6.4 | Medium | 2025-01-30 |
| CVE-2025-0844 | needyamin Library Card System Registration Page signup.php cross site scripting — Library Card System | 4.3 | Medium | 2025-01-29 |
| CVE-2025-0353 | Divi Torque Lite <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Divi Torque Lite – Divi Theme, Divi Builder & Extra Theme | 6.4 | Medium | 2025-01-29 |
| CVE-2024-13561 | Target Video Easy Publish <= 3.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via brid_override_yt Shortcode — Target Video Easy Publish | 6.4 | Medium | 2025-01-29 |
| CVE-2024-13696 | Flexible Wishlist for WooCommerce <= 1.2.25 - Unauthenticated Stored Cross-Site Scripting via wishlist_name Parameter — Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later | 7.2 | High | 2025-01-29 |
| CVE-2025-0804 | ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages | 6.4 | Medium | 2025-01-29 |
| CVE-2025-0806 | code-projects Job Recruitment _call_job_search_ajax.php cross site scripting — Job Recruitment | 4.3 | Medium | 2025-01-29 |
| CVE-2025-23362 | Exif Viewer cross-site scripting vulnerability — EXIF Viewer Classic | 6.1 | - | 2025-01-29 |
| CVE-2025-0800 | SourceCodester Online Courseware Edit Teacher saveeditt.php cross site scripting — Online Courseware | 2.4 | Low | 2025-01-29 |
| CVE-2025-0795 | ESAFENET CDG todolistjump.jsp cross site scripting — CDG | 3.5 | Low | 2025-01-29 |
| CVE-2025-0794 | ESAFENET CDG todoDetail.jsp cross site scripting — CDG | 3.5 | Low | 2025-01-29 |
| CVE-2025-0790 | ESAFENET CDG doneDetail.jsp cross site scripting — CDG | 3.5 | Low | 2025-01-28 |
| CVE-2025-0787 | ESAFENET CDG appDetail.jsp cross site scripting — CDG | 3.5 | Low | 2025-01-28 |
| CVE-2025-0785 | ESAFENET CDG SysConfig.jsp cross site scripting — CDG | 3.5 | Low | 2025-01-28 |
| CVE-2024-8401 | Schneider Electric EcoStruxure Power Monitoring Expert cross-site scripting vulnerability — EcoStruxure Power Monitoring Expert (PME) 2021 | 5.4 | Medium | 2025-01-28 |
| CVE-2024-13527 | Philantro – Donations and Donor Management <= 5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via donate Shortcode — Philantro – Donations and Donor Management | 6.4 | Medium | 2025-01-28 |
| CVE-2025-0321 | ElementsKit Pro <= 3.7.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via url Parameter — ElementsKit Pro | 6.4 | Medium | 2025-01-28 |
| CVE-2024-13509 | WS Form LITE and PRO <= 1.10.13 - Unauthenticated Stored Cross-Site Scripting — WS Form LITE – Drag & Drop Contact Form Builder | 7.2 | High | 2025-01-28 |
| CVE-2025-24810 | WordPress plugin Simple Image Sizes cross-site scripting vulnerability — Simple Image Sizes | 4.8 | - | 2025-01-28 |
| CVE-2023-52292 | IBM Sterling File Gateway cross-site scripting — Sterling File Gateway | 6.4 | Medium | 2025-01-27 |
| CVE-2024-37527 | IBM OpenPages with Watson cross-site scripting — OpenPages with Watson | 5.4 | Medium | 2025-01-27 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.