Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23856 WordPress Simple Vertical Timeline plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability — Simple Vertical Timeline 6.5 Medium2025-01-16
CVE-2025-23830 WordPress JB Horizontal Scroller News Ticker plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — JB Horizontal Scroller News Ticker 6.5 Medium2025-01-16
CVE-2025-23841 WordPress Top Flash Embed plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability — Top Flash Embed 6.5 Medium2025-01-16
CVE-2025-23831 WordPress QR Code Generator plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability — QR Code Generator 6.5 Medium2025-01-16
CVE-2025-23828 WordPress WordPress Data Guard [Website Security] plugin <= 8 - CSRF to Stored XSS vulnerability — WordPress Data Guard 7.1 High2025-01-16
CVE-2025-23826 WordPress Stop Comment Spam plugin <= 0.5.3 - CSRF to Stored XSS vulnerability — Stop Comment Spam 7.1 High2025-01-16
CVE-2025-23824 WordPress FontAwesome.io ShortCodes plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — FontAwesome.io ShortCodes 6.5 Medium2025-01-16
CVE-2025-23833 WordPress Links/Problem Reporter plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability — Links/Problem Reporter 6.5 Medium2025-01-16
CVE-2025-23825 WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability — Easy Shortcode Buttons 6.5 Medium2025-01-16
CVE-2025-23827 WordPress Strx Magic Floating Sidebar Maker plugin <= 1.4.1 - CSRF to Stored XSS vulnerability — Strx Magic Floating Sidebar Maker 7.1 High2025-01-16
CVE-2025-23807 WordPress Spiderpowa Embed PDF plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Spiderpowa Embed PDF 6.5 Medium2025-01-16
CVE-2025-23795 WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability — Easy FAQs 6.5 Medium2025-01-16
CVE-2025-23802 WordPress WP-Revive Adserver Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability — WP-Revive Adserver 6.5 Medium2025-01-16
CVE-2025-23796 WordPress Easy Portfolio plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability — Easy Portfolio 6.5 Medium2025-01-16
CVE-2025-23791 WordPress Horizontal Line Shortcode Plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability — Horizontal Line Shortcode 6.5 Medium2025-01-16
CVE-2025-23794 WordPress wp_amaps Plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability — wp_amaps 6.5 Medium2025-01-16
CVE-2025-23777 WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability — GDPR Personal Data Reports 6.5 Medium2025-01-16
CVE-2025-23775 WordPress GMAPS for WPBakery Page Builder Free Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability — GMAPS for WPBakery Page Builder Free 6.5 Medium2025-01-16
CVE-2025-23772 WordPress imaGenius Plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability — imaGenius 6.5 Medium2025-01-16
CVE-2025-23783 WordPress Greek Namedays Widget Plugin <= 20191113 - Cross Site Scripting (XSS) vulnerability — Greek Namedays Widget From Eortologio.Net 6.5 Medium2025-01-16
CVE-2025-23767 WordPress Marmoset Viewer plugin <= 1.9.3 - Stored Cross Site Scripting (XSS) vulnerability — Marmoset Viewer 6.5 Medium2025-01-16
CVE-2025-23699 WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Event Countdown Timer Plugin by TechMix 7.1 High2025-01-16
CVE-2025-23689 WordPress Blogger Image Import plugin <= 2.1 - CSRF to Stored XSS vulnerability — Blogger Image Import 7.1 High2025-01-16
CVE-2025-23644 WordPress QuoteMedia Tools plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — QuoteMedia Tools 6.5 Medium2025-01-16
CVE-2025-23642 WordPress Sidebar-Content from Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability — Sidebar-Content from Shortcode 6.5 Medium2025-01-16
CVE-2025-23623 WordPress Contact Form 7 – CCAvenue Add-on plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Contact Form 7 – CCAvenue Add-on 7.1 High2025-01-16
CVE-2025-23641 WordPress Powie's pLinks PagePeeker plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — Powie's pLinks PagePeeker 6.5 Medium2025-01-16
CVE-2025-23547 WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability — LH Login Page 7.1 High2025-01-16
CVE-2025-23620 WordPress Captchelfie – Captcha by Selfie plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability — Captchelfie – Captcha by Selfie 7.1 High2025-01-16
CVE-2025-23452 WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability — EditionGuard for WooCommerce – eBook Sales with DRM 7.1 High2025-01-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.