Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21552

21552 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-22806 WordPress Black Widgets For Elementor plugin <= 1.3.8 - Cross Site Scripting (XSS) vulnerability — Black Widgets For Elementor 6.5 Medium2025-01-09
CVE-2025-22807 WordPress Responsive Flickr Slideshow Plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability — Responsive Flickr Slideshow 6.5 Medium2025-01-09
CVE-2025-22808 WordPress Surbma | Premium WP plugin <= 9.0 - Cross Site Scripting (XSS) vulnerability — Surbma | Premium WP 6.5 Medium2025-01-09
CVE-2025-22809 WordPress PDF Catalog Woocommerce plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability — PDF Catalog Woocommerce 6.5 Medium2025-01-09
CVE-2025-22810 WordPress Content Blocks Builder plugin <= 2.7.6 - Cross Site Scripting (XSS) vulnerability — Content Blocks Builder 6.5 Medium2025-01-09
CVE-2025-22812 WordPress News Ticker Widget for Elementor plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — News Ticker Widget for Elementor 6.5 Medium2025-01-09
CVE-2025-22811 WordPress MT Addons for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability — MT Addons for Elementor 6.5 Medium2025-01-09
CVE-2025-22813 WordPress ChatBot Conversational Forms plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — Conversational Forms for ChatBot 6.5 Medium2025-01-09
CVE-2025-22815 WordPress Button Block plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability — Button Block 6.5 Medium2025-01-09
CVE-2025-22817 WordPress BP Profile Shortcodes Extra plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability — BP Profile Shortcodes Extra 6.5 Medium2025-01-09
CVE-2025-22818 WordPress S3Player plugin <= 4.2.1 - Cross Site Scripting (XSS) vulnerability — S3Player – WooCommerce & Elementor Integration 6.5 Medium2025-01-09
CVE-2025-22819 WordPress Qr Code and Barcode Scanner Reader plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability — Qr Code and Barcode Scanner Reader 6.5 Medium2025-01-09
CVE-2025-22820 WordPress VR Views plugin <= 1.5.1 - Stored Cross Site Scripting (XSS) vulnerability — VR Views 6.5 Medium2025-01-09
CVE-2025-22822 WordPress wp custom countdown Plugin <= 2.8 - Stored Cross Site Scripting (XSS) vulnerability — wp custom countdown 6.5 Medium2025-01-09
CVE-2025-22821 WordPress StorePress theme <= 1.0.12 - Cross Site Scripting (XSS) vulnerability — StorePress 6.5 Medium2025-01-09
CVE-2025-22824 WordPress Live Flight Radar Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Live Flight Radar 6.5 Medium2025-01-09
CVE-2025-22823 WordPress Genesis Style Shortcodes Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Genesis Style Shortcodes 6.5 Medium2025-01-09
CVE-2025-22826 WordPress Sell Digital Downloads plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability — Sell Digital Downloads 6.5 Medium2025-01-09
CVE-2025-22827 WordPress WP Joomag plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability — WP Joomag 6.5 Medium2025-01-09
CVE-2024-12514 3DVieweronline <= 2.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — 3D Viewer Online 6.4 Medium2025-01-09
CVE-2024-12394 Action Network <= 1.4.4 - Reflected Cross-Site Scripting — Action Network 6.1 Medium2025-01-09
CVE-2024-12515 Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Muslim Prayer Time-Salah/Iqamah 6.4 Medium2025-01-09
CVE-2024-12491 SimplyRETS Real Estate IDX <= 2.11.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — SimplyRETS Real Estate IDX 6.4 Medium2025-01-09
CVE-2024-12819 Searchie <= 1.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Searchie 6.4 Medium2025-01-09
CVE-2024-11686 WhatsApp click to chat <= 3.0.4 - Reflected Cross-Site Scripting — WhatsApp 🚀 click to chat 6.1 Medium2025-01-09
CVE-2024-11815 Pósturinn\'s Shipping with WooCommerce <= 1.3.1 - Reflected Cross-Site Scripting — Pósturinn\'s Shipping with WooCommerce 6.1 Medium2025-01-09
CVE-2024-11907 Skyword API Plugin <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Skyword XMLRPC publishing 6.4 Medium2025-01-09
CVE-2024-12621 Yumpu E-Paper publishing <= 3.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — Yumpu E-Paper publishing 6.4 Medium2025-01-09
CVE-2024-11328 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Reflected Cross-Site Scripting — CLUEVO LMS, E-Learning Platform 6.1 Medium2025-01-09
CVE-2024-12285 SEMA API <= 5.27 - Reflected Cross-Site Scripting via catid Parameter — SEMA API 6.1 Medium2025-01-09

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21552 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.