Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23966 WordPress a Gateway for Pasargad Bank on WooCommerce Plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability — a Gateway for Pasargad Bank on WooCommerce 7.1 High2025-01-22
CVE-2025-23959 WordPress Good Old Gallery Plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Good Old Gallery 7.1 High2025-01-22
CVE-2025-23867 WordPress WordPress File Search Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress File Search 7.1 High2025-01-22
CVE-2025-23874 WordPress WP Block Pack plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability — WP Block Pack 7.1 High2025-01-22
CVE-2025-23866 WordPress EU DSGVO Helper Plugin <= 1.0.6.1 - Reflected Cross Site Scripting (XSS) vulnerability — EU DSGVO Helper 7.1 High2025-01-22
CVE-2025-23811 WordPress WP2APP Plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP2APP 7.1 High2025-01-22
CVE-2025-23798 WordPress Mass Messaging in BuddyPress Plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Mass Messaging in BuddyPress 7.1 High2025-01-22
CVE-2025-23732 WordPress Easy Filtering plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability — Easy Filtering 7.1 High2025-01-22
CVE-2025-23758 WordPress pootle button plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Pootle button 7.1 High2025-01-22
CVE-2025-23769 WordPress Content Mirror plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Content Mirror 7.1 High2025-01-22
CVE-2025-23770 WordPress Fast Tube plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability — Fast Tube 7.1 High2025-01-22
CVE-2025-23701 WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — Lime Developer Login 7.1 High2025-01-22
CVE-2025-23706 WordPress Jet Skinner for BuddyPress plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — Jet Skinner for BuddyPress 7.1 High2025-01-22
CVE-2025-23695 WordPress CtyGrid Hyp3rL0cal Search plugin <= 0.1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — CtyGrid Hyp3rL0cal Search 7.1 High2025-01-22
CVE-2025-23697 WordPress Podčlánková inzerce plugin <= 2.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — Podčlánková inzerce 7.1 High2025-01-22
CVE-2025-23700 WordPress yCyclista plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability — yCyclista 7.1 High2025-01-22
CVE-2025-23696 WordPress Staging CDN plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Staging CDN 7.1 High2025-01-22
CVE-2025-23683 WordPress MACME plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — MACME 7.1 High2025-01-22
CVE-2025-23682 WordPress Preloader Quotes plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Preloader Quotes 7.1 High2025-01-22
CVE-2025-23686 WordPress Admin Menu Organizer plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Admin Menu Organizer 7.1 High2025-01-22
CVE-2025-23679 WordPress FP RSS Category Excluder plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — FP RSS Category Excluder 7.1 High2025-01-22
CVE-2025-23678 WordPress LocalGrid plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — LocalGrid 7.1 High2025-01-22
CVE-2025-23676 WordPress LH Email plugin <= 1.12 - Reflected Cross Site Scripting (XSS) vulnerability — LH Email 7.1 High2025-01-22
CVE-2025-23672 WordPress Instant Appointment plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Instant Appointment 7.1 High2025-01-22
CVE-2025-23681 WordPress REDIRECTION PLUS plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — REDIRECTION PLUS 7.1 High2025-01-22
CVE-2025-23674 WordPress Bit.ly linker plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Bit.ly linker 7.1 High2025-01-22
CVE-2025-23631 WordPress Content Planner plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Content Planner 7.1 High2025-01-22
CVE-2025-23609 WordPress Tagesteller plugin <= v.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Tagesteller 7.1 High2025-01-22
CVE-2025-23611 WordPress WH Cache & Security plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — WH Cache & Security 7.1 High2025-01-22
CVE-2025-23630 WordPress Cyber Slider plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Cyber Slider 7.1 High2025-01-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.