CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21553

21553 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-56292	WordPress Email Reminders Plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerability — Email Reminders	5.9	Medium	2025-01-07
CVE-2024-56293	WordPress AFI – The Easiest Integration Plugin <= 1.95.0 - Cross Site Scripting (XSS) vulnerability — Advanced Form Integration	5.9	Medium	2025-01-07
CVE-2024-56296	WordPress Mang Board WP plugin <= 1.8.4 - Reflected Cross Site Scripting (XSS) vulnerability — Mang Board WP	7.1	High	2025-01-07
CVE-2024-56297	WordPress Highlight plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability — Highlight	5.9	Medium	2025-01-07
CVE-2024-56298	WordPress Pretty Simple Popup Builder Plugin <= 1.0.9 - Stored Cross Site Scripting (XSS) vulnerability — Pretty Simple Popup Builder	5.9	Medium	2025-01-07
CVE-2024-56299	WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability — Notify Odoo	7.1	High	2025-01-07
CVE-2025-22293	WordPress Gutentor plugin <= 3.4.3 - Cross Site Scripting (XSS) vulnerability — Gutentor	6.5	Medium	2025-01-07
CVE-2025-22261	WordPress WP FullCalendar plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — WP FullCalendar	6.5	Medium	2025-01-07
CVE-2025-22309	WordPress SpeakOut! Email Petitions plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability — SpeakOut! Email Petitions	6.5	Medium	2025-01-07
CVE-2025-22308	WordPress Smart Custom FIelds plugin <= 5.0.0 - Cross Site Scripting (XSS) vulnerability — Smart Custom Fields	6.5	Medium	2025-01-07
CVE-2025-22310	WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability — TemplatesNext ToolKit	6.5	Medium	2025-01-07
CVE-2025-22312	WordPress Thim Elementor Kit plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability — Thim Elementor Kit	6.5	Medium	2025-01-07
CVE-2025-22315	WordPress Typing Text plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability — Typing Text	6.5	Medium	2025-01-07
CVE-2025-22320	WordPress ProductDyno plugin <= 1.0.24 - Reflected Cross Site Scripting (XSS) vulnerability — ProductDyno	7.1	High	2025-01-07
CVE-2025-22316	WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability — WPBITS Addons For Elementor Page Builder	5.9	Medium	2025-01-07
CVE-2025-22321	WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.9 - Cross Site Scripting (XSS) vulnerability — ElementsCSS Addons for Elementor	6.5	Medium	2025-01-07
CVE-2025-22323	WordPress Image Hover Effects for Elementor plugin <= 1.0.2.4 - Cross Site Scripting (XSS) vulnerability — Image Hover Effects for Elementor	6.5	Medium	2025-01-07
CVE-2025-22324	WordPress OZ Canonical plugin <= 0.5 - Reflected Cross Site Scripting (XSS) vulnerability — OZ Canonical	7.1	High	2025-01-07
CVE-2025-22326	WordPress 5centsCDN plugin <= 25.4.15 - Reflected Cross Site Scripting (XSS) vulnerability — 5centsCDN	7.1	High	2025-01-07
CVE-2025-22327	WordPress EO4WP plugin <= 1.0.8.1 - Cross Site Scripting (XSS) vulnerability — EO4WP	6.5	Medium	2025-01-07
CVE-2025-22333	WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability — Piotnet Addons For Elementor	6.5	Medium	2025-01-07
CVE-2025-22339	WordPress Store Commerce theme <= 1.2.3 - Cross Site Scripting (XSS) vulnerability — Store Commerce	6.5	Medium	2025-01-07
CVE-2025-22353	WordPress BVD Easy Gallery Manager plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability — BVD Easy Gallery Manager	7.1	High	2025-01-07
CVE-2025-22357	WordPress Target Notifications plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Target Notifications	7.1	High	2025-01-07
CVE-2025-22355	WordPress Kikx Simple Post Author Filter plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Kikx Simple Post Author Filter	7.1	High	2025-01-07
CVE-2025-22358	WordPress Wp advertising management plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Wp advertising management	7.1	High	2025-01-07
CVE-2025-22359	WordPress SyncFields plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability — SyncFields	7.1	High	2025-01-07
CVE-2025-22362	WordPress WPAchievements Free Plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability — WPAchievements Free	6.5	Medium	2025-01-07
CVE-2024-12699	Service Box <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Service Box	6.4	Medium	2025-01-07
CVE-2024-11626	Progress Sitefinity 安全漏洞 — Sitefinity	8.4	High	2025-01-07

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21553 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21553