Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-13294 POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060 — POST File 6.1 -2025-01-09
CVE-2024-13292 Tooltip - Moderately critical - Cross site scripting - SA-CONTRIB-2024-058 — Tooltip 6.1 -2025-01-09
CVE-2024-13289 Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055 — Cookiebot + GTM 6.1 -2025-01-09
CVE-2024-13287 Views SVG Animation - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-051 — Views SVG Animation 6.1 -2025-01-09
CVE-2024-13286 SVG Embed - Moderately critical - Cross site scripting - SA-CONTRIB-2024-050 — SVG Embed 6.1 -2025-01-09
CVE-2024-13283 Facets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047 — Facets 6.1 -2025-01-09
CVE-2024-13273 Open Social - Moderately critical - Cross Site Scripting, Denial of Service - SA-CONTRIB-2024-037 — Open Social 6.1 -2025-01-09
CVE-2024-13262 View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026 — View Password 6.1 -2025-01-09
CVE-2024-13252 TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-016 — TacJS 6.1 -2025-01-09
CVE-2024-13247 Coffee - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-011 — Coffee 6.1 -2025-01-09
CVE-2024-13245 CKEditor 4 LTS - WYSIWYG HTML editor - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-009 — CKEditor 4 LTS - WYSIWYG HTML editor 6.1 -2025-01-09
CVE-2024-13238 Typogrify - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-002 — Typogrify 6.1 -2025-01-09
CVE-2024-13237 File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001 — File Entity (fieldable files) 6.1 -2025-01-09
CVE-2025-22295 WordPress Tripetto plugin <= 8.0.6 - Cross Site Scripting (XSS) vulnerability — WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto 7.1 High2025-01-09
CVE-2025-22307 WordPress Product Table for WooCommerce plugin <= 4.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Product Table for WooCommerce 7.1 High2025-01-09
CVE-2025-22330 WordPress MG Parallax Slider plugin <= 1.0. - Reflected Cross Site Scripting (XSS) vulnerability — MG Parallax Slider 7.1 High2025-01-09
CVE-2025-22313 WordPress Widgetize Pages Light plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability — Widgetize Pages Light 7.1 High2025-01-09
CVE-2025-22331 WordPress Cf7Save Extension plugin <= 1 - Reflected Cross Site Scripting (XSS) vulnerability — Cf7Save Extension 7.1 High2025-01-09
CVE-2025-22345 WordPress TS Comfort DB plugin <= 2.0.7 - Reflected Cross Site Scripting (XSS) vulnerability — TS Comfort DB 7.1 High2025-01-09
CVE-2025-22361 WordPress Opentracker Analytics Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Opentracker Analytics 7.1 High2025-01-09
CVE-2025-22521 WordPress wp Hosting Performance Check Plugin <= 2.18.8 - Reflected Cross Site Scripting (XSS) vulnerability — wp Hosting Performance Check 7.1 High2025-01-09
CVE-2025-22539 WordPress Custom DataBase Tables Plugin <= 2.1.34 - Reflected Cross Site Scripting (XSS) vulnerability — Custom DataBase Tables 7.1 High2025-01-09
CVE-2025-22594 WordPress Better User Shortcodes Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Better User Shortcodes 7.1 High2025-01-09
CVE-2025-22595 WordPress Mailing Group Listserv Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Mailing Group Listserv 7.1 High2025-01-09
CVE-2025-22801 WordPress Free WooCommerce Theme 99fy Extension plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability — Free WooCommerce Theme 99fy Extension 6.5 Medium2025-01-09
CVE-2025-22802 WordPress Email Templates Customizer YeeMail plugin <= 2.1.4 - Cross Site Scripting (XSS) vulnerability — Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail 6.5 Medium2025-01-09
CVE-2025-22803 WordPress Advanced Product Information for WooCommerce plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability — Advanced Product Information for WooCommerce 6.5 Medium2025-01-09
CVE-2025-22804 WordPress Author Avatars List/Block plugin <= 2.1.23 - Stored Cross Site Scripting (XSS) vulnerability — Author Avatars List/Block 6.5 Medium2025-01-09
CVE-2025-22805 WordPress Skill Bar Plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability — Skill Bar 6.5 Medium2025-01-09
CVE-2025-22806 WordPress Black Widgets For Elementor plugin <= 1.3.8 - Cross Site Scripting (XSS) vulnerability — Black Widgets For Elementor 6.5 Medium2025-01-09

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.