Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-22752 WordPress GSheetConnector for Forminator Forms Plugin <= 1.0.12 - Reflected Cross Site Scripting (XSS) vulnerability — GSheetConnector for Forminator Forms 7.1 High2025-01-15
CVE-2025-22753 WordPress turboSMTP Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability — turboSMTP 7.1 High2025-01-15
CVE-2025-22755 WordPress WP Headmaster Plugin <= 0.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP Headmaster 7.1 High2025-01-15
CVE-2025-22754 WordPress Amber Plugin <=1.4.4 - Reflected Cross Site Scripting (XSS) vulnerability — Amber 7.1 High2025-01-15
CVE-2025-22758 WordPress Elementor AI Addons plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability — Elementor AI Addons 6.5 Medium2025-01-15
CVE-2025-22759 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability — Post and Page Builder by BoldGrid 6.5 Medium2025-01-15
CVE-2025-22760 WordPress CodeBard Help Desk plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — CodeBard Help Desk 7.1 High2025-01-15
CVE-2025-22762 WordPress Octrace Support Pro plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability — WordPress HelpDesk & Support Ticket System Plugin – Octrace Support 5.9 Medium2025-01-15
CVE-2025-22761 WordPress Ajax Contact Form plugin <= 1.4.1 - Stored Cross Site Scripting (XSS) vulnerability — Ajax Contact Form 6.5 Medium2025-01-15
CVE-2025-22765 WordPress WP Order By Plugin <= 1.4.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP Order By 7.1 High2025-01-15
CVE-2025-22764 WordPress WP Post Corrector Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP Post Corrector 7.1 High2025-01-15
CVE-2025-22766 WordPress Zarinpal Paid Download Plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability — Zarinpal Paid Download 7.1 High2025-01-15
CVE-2025-22769 WordPress Multifox theme <= 1.3.7 - Cross Site Scripting (XSS) vulnerability — Multifox 6.5 Medium2025-01-15
CVE-2025-22776 WordPress WP Bulletin Board Plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — WP Bulletin Board 7.1 High2025-01-15
CVE-2025-22778 WordPress Lijit Search Plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Lijit Search 7.1 High2025-01-15
CVE-2025-22781 WordPress Nativery Plugin plugin <= 0.1.6 - Cross Site Scripting (XSS) vulnerability — Nativery 6.5 Medium2025-01-15
CVE-2025-22780 WordPress wp-pano Plugin <= 1.17 - Cross Site Scripting (XSS) vulnerability — wp-pano 6.5 Medium2025-01-15
CVE-2025-22788 WordPress CoDesigner plugin <= 4.29 - Cross Site Scripting (XSS) vulnerability — CoDesigner 5.9 Medium2025-01-15
CVE-2025-22793 WordPress Bold pagos en linea Plugin <= 3.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Bold pagos en linea 7.1 High2025-01-15
CVE-2025-22797 WordPress Gallery and Lightbox plugin <= 1.0.14 - Cross Site Scripting (XSS) vulnerability — Gallery and Lightbox 6.5 Medium2025-01-15
CVE-2025-22795 WordPress Multilang Contact Form Plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability — Multilang Contact Form 7.1 High2025-01-15
CVE-2025-22798 WordPress Responsive jQuery Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — Responsive jQuery Slider 6.5 Medium2025-01-15
CVE-2024-47140 Observium 跨站脚本漏洞 — Observium 8.7 High2025-01-15
CVE-2024-47002 Observium 跨站脚本漏洞 — Observium 8.7 High2025-01-15
CVE-2024-45061 Observium 跨站脚本漏洞 — Observium 8.7 High2025-01-15
CVE-2024-12593 PDF for WPForms + Drag and Drop Template Builder <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yeepdf_dotab Shortcode — PDF for WPForms + Drag and Drop Template Builder 6.4 Medium2025-01-15
CVE-2025-0193 Stored Cross-site Scripting (XSS) Vulnerability in the MGate 5121/5122/5123 Series — MGate 5121 Series 4.8 -2025-01-15
CVE-2024-35280 Fortinet FortiDeceptor 跨站脚本漏洞 — FortiDeceptor 5.1 Medium2025-01-15
CVE-2024-12818 WP Smart TV <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Smart TV 6.4 Medium2025-01-15
CVE-2024-13351 Social proof testimonials and reviews by Repuso <= 5.20 - Authenticated (Contributor+) Stored Cross-Site Scripting — Reviews Widgets for Google & 45+ platforms by Repuso 7.2 High2025-01-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.