Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-22614 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_editarInfoPessoal.php ' parameters 'nome' 'SobrenomeForm' — WeGIA 5.4 -2025-01-13
CVE-2025-22615 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'Cadastro_Atendido.php' parameter 'cpf' — WeGIA 6.1 -2025-01-13
CVE-2025-22616 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_parentesco_adicionar.php' parameter 'descricao' — WeGIA 5.4 -2025-01-13
CVE-2025-22617 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_socio.php' parameter 'socio' — WeGIA 6.1 -2025-01-13
CVE-2025-22618 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'adicionar_cargo.php' parameter 'cargo' — WeGIA 5.4 -2025-01-13
CVE-2025-22619 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_permissoes.php' parameter 'msg_c' — WeGIA 6.1 -2025-01-13
CVE-2025-22142 Cross-site Scripting in NamelessMC — Nameless 6.1 -2025-01-13
CVE-2025-23026 HTML templates containing Javascript template strings are subject to XSS in jte — jte 6.1 Medium2025-01-13
CVE-2024-12211 Pegasystem PEGA Platform 安全漏洞 — Pega Infinity 5.4 Medium2025-01-13
CVE-2024-56065 WordPress WP2LEADS Plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP2LEADS 7.1 High2025-01-13
CVE-2024-56301 WordPress Distance Based Shipping Calculator Plugin <= 2.0.21 - Reflected Cross Site Scripting (XSS) vulnerability — Distance Based Shipping Calculator 7.1 High2025-01-13
CVE-2025-22314 WordPress Food Store plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability — Food Store – Online Food Delivery & Pickup 7.1 High2025-01-13
CVE-2025-22344 WordPress Media Category Library plugin <= 2.7 - Reflected Cross Site Scripting (XSS) vulnerability — Media Category Library 7.1 High2025-01-13
CVE-2025-22337 WordPress Order Audit Log for WooCommerce plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Order Audit Log for WooCommerce 7.1 High2025-01-13
CVE-2025-22499 WordPress F4 Post Tree Plugin <= 1.1.18 - Reflected Cross Site Scripting (XSS) vulnerability — F4 Post Tree 7.1 High2025-01-13
CVE-2025-22498 WordPress LucidLMS plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability — LucidLMS 7.1 High2025-01-13
CVE-2025-22514 WordPress Axact Author List Widget Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — KNR Author List Widget 7.1 High2025-01-13
CVE-2025-22506 WordPress Smart Agenda Plugin <= 4.7 - CSRF to Stored XSS vulnerability — Smart Agenda 7.1 High2025-01-13
CVE-2025-22568 WordPress Post And Page Reactions Plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability — Post And Page Reactions 7.1 High2025-01-13
CVE-2025-22567 WordPress TRUSTist REVIEWer Plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability — TRUSTist REVIEWer 7.1 High2025-01-13
CVE-2025-22569 WordPress Featured Page Widget Plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability — Featured Page Widget 7.1 High2025-01-13
CVE-2025-22570 WordPress Inline Tweets plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability — Inline Tweets 7.1 High2025-01-13
CVE-2025-22576 WordPress Site PIN Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Site PIN 7.1 High2025-01-13
CVE-2025-22586 WordPress WPEX Replace DB Urls Plugin <= 0.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — WPEX Replace DB Urls 7.1 High2025-01-13
CVE-2025-22583 WordPress Scan External Links Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Scan External Links 7.1 High2025-01-13
CVE-2025-22588 WordPress Scanventory Plugin <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Scanventory 7.1 High2025-01-13
CVE-2025-0400 StarSea99 starsea-mall update cross site scripting — starsea-mall 2.4 Low2025-01-12
CVE-2025-0398 longpi1 warehouse Backend updateInport cross site scripting — warehouse 2.4 Low2025-01-12
CVE-2025-0397 reckcn SPPanAdmin edit cross site scripting — SPPanAdmin 3.5 Low2025-01-12
CVE-2021-29669 IBM Jazz Foundation cross-site scripting — Jazz Foundation 5.4 Medium2025-01-12

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.