CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21573

21573 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-52467	WordPress AI Responsive Gallery Album plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — AI Responsive Gallery Album	7.1	High	2024-12-02
CVE-2024-52466	WordPress Explara Events plugin <= 0.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Explara Events	7.1	High	2024-12-02
CVE-2024-52468	WordPress LeadBoxer plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability — LeadBoxer	7.1	High	2024-12-02
CVE-2024-52469	WordPress WooCommerce Price Alert plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Price Alert	7.1	High	2024-12-02
CVE-2024-52478	WordPress Jobify theme < 4.3.0 - Cross Site Scripting (XSS) vulnerability — Jobify	6.5	Medium	2024-12-02
CVE-2024-52482	WordPress Ortto plugin <= 1.0.19 - Reflected Cross Site Scripting (XSS) vulnerability — Ortto	7.1	High	2024-12-02
CVE-2024-52484	WordPress Wc Recently viewed products plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Wc Recently viewed products	7.1	High	2024-12-02
CVE-2024-52483	WordPress LeanPress plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — LeanPress	7.1	High	2024-12-02
CVE-2024-52486	WordPress Elementor Portfolio Builder plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Elementor Portfolio Builder	6.5	Medium	2024-12-02
CVE-2024-52487	WordPress Ultimate Classified Listings plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability — Ultimate Classified Listings	6.5	Medium	2024-12-02
CVE-2024-52489	WordPress Add Chat App Button plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability — Add Chat App Button	5.9	Medium	2024-12-02
CVE-2024-52491	WordPress Sticky Social Icons plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability — Sticky Social Icons	5.9	Medium	2024-12-02
CVE-2024-52492	WordPress Image horizontal reel scroll slideshow plugin <= 13.4 - Stored Cross Site Scripting (XSS) vulnerability — Image horizontal reel scroll slideshow	5.9	Medium	2024-12-02
CVE-2024-52493	WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability — Meteor Slides	5.9	Medium	2024-12-02
CVE-2024-52494	WordPress Dynamic To Top plugin <= 3.5.2 - Cross Site Scripting (XSS) vulnerability — Dynamic "To Top"	5.9	Medium	2024-12-02
CVE-2024-52503	WordPress Tailored Tools plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerability — Tailored Tools	6.5	Medium	2024-12-02
CVE-2024-52502	WordPress ImbaChat plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability — ImbaChat	6.5	Medium	2024-12-02
CVE-2024-53709	WordPress Generic Elements plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability — Generic Elements	6.5	Medium	2024-12-02
CVE-2024-53721	WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability — Advanced Event Manager	6.5	Medium	2024-12-02
CVE-2024-53741	WordPress Simple Popup plugin <= 4.6 - Cross Site Scripting (XSS) vulnerability — Simple Popup	6.5	Medium	2024-12-02
CVE-2024-53759	WordPress ArCa Payment Gateway plugin <= 1.3.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — ArCa Payment Gateway	7.1	High	2024-12-02
CVE-2024-53740	WordPress WooCommerce Ultimate Gift Card plugin < 2.9.1 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Ultimate Gift Card	7.1	High	2024-12-02
CVE-2024-53742	WordPress Multilevel Referral Affiliate plugin for WooCommerce plugin <= 2.27 - Reflected Cross Site Scripting (XSS) vulnerability — Multilevel Referral Affiliate Plugin for WooCommerce	7.1	High	2024-12-01
CVE-2024-53743	WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability — Countdown Timer for Elementor	6.5	Medium	2024-12-01
CVE-2024-53744	WordPress Elementor Image Gallery plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability — Elementor Image Gallery Plugin	6.5	Medium	2024-12-01
CVE-2024-53745	WordPress Social Sharing Buttons By Cosmos Farm plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability — 소셜 공유 버튼 By 코스모스팜	6.5	Medium	2024-12-01
CVE-2024-53746	WordPress Elementor Button Plus plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability — Elementor Button Plus	6.5	Medium	2024-12-01
CVE-2024-53747	WordPress Video Player for WPBakery plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability — Video Player for WPBakery	6.5	Medium	2024-12-01
CVE-2024-53748	WordPress WP Mermaid plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — WP Mermaid	6.5	Medium	2024-12-01
CVE-2024-53749	WordPress Post Carousel Slider for Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Post Carousel Slider for Elementor	6.5	Medium	2024-12-01

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21573 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21573