Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-12529 brodos.net Onlineshop Plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — brodos.net Onlineshop Plugin 6.4 Medium2025-01-25
CVE-2024-12076 Target Video Easy Publish <= 3.8.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Target Video Easy Publish 6.1 Medium2025-01-25
CVE-2024-12816 NOTICE BOARD BY TOWKIR <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — NOTICE BOARD BY TOWKIR 6.4 Medium2025-01-25
CVE-2024-12512 Ask Me Anything (Anonymously) <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ask Me Anything (Anonymously) 6.4 Medium2025-01-25
CVE-2024-10552 Flexmls® IDX Plugin <= 3.14.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via API parameters — Flexmls® IDX Plugin 6.4 Medium2025-01-25
CVE-2025-0710 CampCodes School Management Software Notice Board Page notice-list cross site scripting — School Management Software 3.5 Low2025-01-24
CVE-2025-0709 Dcat-Admin Roles Page roles cross site scripting — Dcat-Admin 2.4 Low2025-01-24
CVE-2025-0708 fumiao opencms Add Model Management Page addOrUpdate cross site scripting — opencms 3.5 Low2025-01-24
CVE-2025-0706 JoeyBling bootplus admin.html cross site scripting — bootplus 2.4 Low2025-01-24
CVE-2025-24746 WordPress Popup Maker plugin <= 1.20.2 - Cross Site Scripting (XSS) vulnerability — Popup Maker 6.5 Medium2025-01-24
CVE-2025-24755 WordPress PDF Invoice Builder for WooCommerce plugin <= 4.6.0 - Cross Site Scripting (XSS) vulnerability — PDF Invoice Builder for WooCommerce 6.5 Medium2025-01-24
CVE-2025-24729 WordPress ElementInvader Addons for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability — ElementInvader Addons for Elementor 6.5 Medium2025-01-24
CVE-2025-24721 WordPress Easy YouTube Gallery plugin <= 1.0.4 - Stored Cross Site Scripting (XSS) vulnerability — Easy YouTube Gallery 6.5 Medium2025-01-24
CVE-2025-24726 WordPress Contact Form 7 Widget plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability — HT Contact Form 7 6.5 Medium2025-01-24
CVE-2025-24730 WordPress WP VR plugin <= 8.5.14 - Cross Site Scripting (XSS) vulnerability — WP VR 6.5 Medium2025-01-24
CVE-2025-24723 WordPress Booking Calendar Contact Form Plugin <= 1.2.55 - Stored Cross Site Scripting (XSS) vulnerability — Booking Calendar Contact Form 5.9 Medium2025-01-24
CVE-2025-24731 WordPress IP2Location Country Blocker plugin <= 2.38.3 - Cross Site Scripting (XSS) vulnerability — Download IP2Location Country Blocker 5.9 Medium2025-01-24
CVE-2025-24719 WordPress Widget Countdown plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability — Widget Countdown 6.5 Medium2025-01-24
CVE-2025-24732 WordPress BookingPress Plugin <= 1.1.25 - Cross Site Scripting (XSS) vulnerability — BookingPress 6.5 Medium2025-01-24
CVE-2025-24727 WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability — Contact Form Email 5.9 Medium2025-01-24
CVE-2025-24722 WordPress FAQ Builder AYS Plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability — FAQ Builder AYS 5.9 Medium2025-01-24
CVE-2025-24706 WordPress MultiVendorX plugin <= 4.2.13 - Cross Site Scripting (XSS) vulnerability — MultiVendorX 6.5 Medium2025-01-24
CVE-2025-24709 WordPress Plethora Plugins Tabs + Accordions plugin <= 1.1.5 - Stored Cross Site Scripting (XSS) vulnerability — Plethora Plugins Tabs + Accordions 6.5 Medium2025-01-24
CVE-2025-24704 WordPress Magic the Gathering Card Tooltips plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability — Magic the Gathering Card Tooltips 6.5 Medium2025-01-24
CVE-2025-24674 WordPress ShMapper by Teplitsa Plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — ShMapper by Teplitsa 5.9 Medium2025-01-24
CVE-2025-24681 WordPress Product Carousel Slider & Grid Ultimate for WooCommerce Plugin <= 1.10.0 - Cross Site Scripting (XSS) vulnerability — Product Carousel Slider & Grid Ultimate for WooCommerce 5.9 Medium2025-01-24
CVE-2025-24687 WordPress Show/Hide Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Show/Hide Shortcode 6.5 Medium2025-01-24
CVE-2025-24702 WordPress Xagio SEO plugin <= 7.0.0.20 - Cross Site Scripting (XSS) vulnerability — Xagio SEO 6.5 Medium2025-01-24
CVE-2025-24675 WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 7.2 - Cross Site Scripting (XSS) vulnerability — WP Visitor Statistics (Real Time Traffic) 6.5 Medium2025-01-24
CVE-2025-24666 WordPress Hyve Lite plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability — AI Chatbot for WordPress – Hyve Lite 5.9 Medium2025-01-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.