Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23625 WordPress Unique UX plugin <= 0.9.2 - Reflected Cross Site Scripting (XSS) vulnerability — Unique UX 7.1 High2025-01-22
CVE-2025-23607 WordPress CAMOO SMS plugin <= 3.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — CAMOO SMS 7.1 High2025-01-22
CVE-2025-23610 WordPress Ultimate Events plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability — Ultimate Events 7.1 High2025-01-22
CVE-2025-23604 WordPress Rezdy Reloaded plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability — Rezdy Reloaded 7.1 High2025-01-22
CVE-2025-23605 WordPress Call To Action Popup plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — Call To Action Popup 7.1 High2025-01-22
CVE-2025-23602 WordPress EELV Newsletter plugin <= 4.8.2 - Reflected Cross Site Scripting (XSS) vulnerability — EELV Newsletter 7.1 High2025-01-22
CVE-2025-23606 WordPress Calendi plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Calendi 7.1 High2025-01-22
CVE-2025-23603 WordPress Group category creator plugin <= 1.3.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Group category creator 7.1 High2025-01-22
CVE-2025-23578 WordPress Custom CSS Addons plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability — Custom CSS Addons 7.1 High2025-01-22
CVE-2025-23597 WordPress Rio Photo Gallery plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Rio Photo Gallery 7.1 High2025-01-22
CVE-2025-23601 WordPress Tab My Content plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Tab My Content 7.1 High2025-01-22
CVE-2025-23592 WordPress dForms plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — dForms 7.1 High2025-01-22
CVE-2025-23583 WordPress Explara Membership plugin <= 0.0.7 - Reflected Cross Site Scripting (XSS) vulnerability — Explara Membership 7.1 High2025-01-22
CVE-2025-23589 WordPress ContentOptin Lite plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — ContentOptin Lite 7.1 High2025-01-22
CVE-2025-23509 WordPress HyperComments plugin <= 0.9.6 - Reflected Cross Site Scripting (XSS) vulnerability — HyperComments 7.1 High2025-01-22
CVE-2025-23503 WordPress Customizable Captcha and Contact us plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — Customizable Captcha and Contact Us 7.1 High2025-01-22
CVE-2025-23548 WordPress Responsivity plugin <= 0.0.6 - Reflected Cross Site Scripting (XSS) vulnerability — Responsivity 7.1 High2025-01-22
CVE-2025-23507 WordPress Blrt WP Embed plugin <= 1.6.9 - Reflected Cross Site Scripting (XSS) vulnerability — Blrt WP Embed 7.1 High2025-01-22
CVE-2025-23535 WordPress REAL WordPress Sidebar plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability — REAL WordPress Sidebar 7.1 High2025-01-22
CVE-2025-23498 WordPress Translation.Pro plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Translation.Pro 7.1 High2025-01-22
CVE-2025-23495 WordPress WooCommerce Order Search plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Order Search 7.1 High2025-01-22
CVE-2025-23500 WordPress Simple Custom post type custom field plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Simple Custom post type custom field 7.1 High2025-01-22
CVE-2025-24027 ps_contactinfo has potential XSS due to usage of the nofilter tag in template — ps_contactinfo 6.2 Medium2025-01-22
CVE-2024-13319 Themify Builder <= 7.6.5 - Reflected Cross-Site Scripting — Themify Builder 6.1 Medium2025-01-22
CVE-2024-12117 Stackable – Page Builder Gutenberg Blocks <= 3.13.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Stackable – Page Builder Gutenberg Blocks 6.4 Medium2025-01-22
CVE-2024-13406 XML for Google Merchant Center <= 3.0.11 - Reflected Cross-Site Scripting — XML for Google Merchant Center 6.1 Medium2025-01-22
CVE-2024-13590 Ketchup Shortcodes <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ketchup Shortcodes 6.4 Medium2025-01-22
CVE-2024-13584 Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.19 - Authenticated (Contributor+) Stored Cross-Site Scripting — Picture Gallery – Frontend Image Uploads, AJAX Photo List 6.4 Medium2025-01-22
CVE-2024-45478 Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input — Apache Ranger 5.4 -2025-01-21
CVE-2025-24459 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.6 Medium2025-01-21

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.