Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23994 WordPress Estatebud – Properties & Listings plugin <= 5.5.0 - CSRF to Settings Update & Stored XSS vulnerability — Estatebud – Properties & Listings 7.1 High2025-01-21
CVE-2025-22661 WordPress Online Payments plugin <= 3.20.0 - Cross Site Scripting (XSS) vulnerability — Online Payments – Get Paid with PayPal, Square & Stripe 6.5 Medium2025-01-21
CVE-2025-22267 WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Weaver Themes Shortcode Compatibility 6.5 Medium2025-01-21
CVE-2025-22276 WordPress Related Post Shortcode Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability — Related Post Shortcode 5.9 Medium2025-01-21
CVE-2025-23580 WordPress BizLibrary plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — BizLibrary 7.1 High2025-01-21
CVE-2025-23454 WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability — Nature FlipBook 7.1 High2025-01-21
CVE-2025-23551 WordPress SexBundle plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — SexBundle 7.1 High2025-01-21
CVE-2025-23489 WordPress WP-Announcements plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability — WP-Announcements 7.1 High2025-01-21
CVE-2025-23461 WordPress Social2Blog plugin <= 0.2.990 - Reflected Cross Site Scripting (XSS) vulnerability — Social2Blog 7.1 High2025-01-21
CVE-2025-24018 YesWiki Vulnerable to Authenticated Stored XSS — yeswiki 7.6 High2025-01-21
CVE-2025-24017 YesWiki Vulnerable to Unauthenticated DOM Based XSS — yeswiki 7.6 High2025-01-21
CVE-2025-24012 Umbraco Backoffice Components Have XSS/HTML Injection Vulnerability — Umbraco-CMS 4.6 Medium2025-01-21
CVE-2025-23998 WordPress UltraLight theme <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — UltraLight 7.1 High2025-01-21
CVE-2025-22732 WordPress Ad Blocking Detector plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability — Ad Blocking Detector 6.5 Medium2025-01-21
CVE-2025-22825 WordPress Flexible PDF Coupons plugin < 1.10.3 - Stored Cross Site Scripting (XSS) vulnerability — Flexible PDF Coupons 6.5 Medium2025-01-21
CVE-2025-22727 WordPress MailChimp Subscribe Form plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability — MailChimp Subscribe Forms 6.5 Medium2025-01-21
CVE-2025-22733 WordPress My auctions allegro Plugin <= 3.6.18 - Reflected Cross Site Scripting (XSS) vulnerability — My auctions allegro 7.1 High2025-01-21
CVE-2025-23997 WordPress Tamara Checkout plugin < 1.9.9.1 - Cross Site Scripting (XSS) vulnerability — Tamara Checkout 6.5 Medium2025-01-21
CVE-2025-22711 WordPress Image Source Control Lite Plugin <= 2.29.0 - Reflected Cross Site Scripting (XSS) vulnerability — Image Source Control 7.1 High2025-01-21
CVE-2025-22718 WordPress FAT Event Lite plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability — FAT Event Lite 6.5 Medium2025-01-21
CVE-2025-22719 WordPress VikAppointments Services Booking Calendar plugin <= 1.2.16 - CSRF to Stored XSS vulnerability — VikAppointments Services Booking Calendar 7.1 High2025-01-21
CVE-2025-22262 WordPress Bonjour Bar plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Bonjour Bar 5.9 Medium2025-01-21
CVE-2025-22709 WordPress Verge3D Publishing and E-Commerce Plugin <= 4.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — Verge3D 7.1 High2025-01-21
CVE-2025-22706 WordPress Social Pug: Author Box plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Social Pug: Author Box 7.1 High2025-01-21
CVE-2025-22763 WordPress Brizy Pro Plugin <= 2.6.1 - Reflected Cross Site Scripting (XSS) vulnerability — Brizy Pro 7.1 High2025-01-21
CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress Tag Cloud Plugin – Tag Groups 7.1 High2025-01-21
CVE-2025-22322 WordPress Private Messages for UserPro plugin <= 4.10.0 - Reflected Cross Site Scripting (XSS) vulnerability — Private Messages for UserPro 7.1 High2025-01-21
CVE-2024-49700 WordPress ARPrice plugin <= 4.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — ARPrice 7.1 High2025-01-21
CVE-2024-49300 WordPress Hero Menu plugin <= 1.16.5 - Cross Site Scripting (XSS) vulnerability — Hero Mega Menu - Responsive WordPress Menu Plugin 7.1 High2025-01-21
CVE-2024-11226 FireCask Like & Share Button <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter — FireCask Like & Share Button 6.4 Medium2025-01-21

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.