Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21504

21504 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2019-25448 OrientDB 3.0.17 Stored Cross-Site Scripting via User Creation — OrientDB 6.4 Medium2026-02-20
CVE-2026-27122 Svelte SSR does not validate dynamic element tag names in `<svelte:element>` — svelte 6.1 -2026-02-20
CVE-2026-27121 Svelte affected by cross-site scripting via spread attributes in Svelte SSR — svelte 6.1 -2026-02-20
CVE-2026-27119 Svelte affected by XSS in SSR `<option>` element — svelte 6.1 -2026-02-20
CVE-2026-27020 Photobooth has a XSS vulnerability in user input — photobooth 6.1AIMediumAI2026-02-20
CVE-2025-62326 HCL Digital Experience is susceptible to stored cross-site scripting (XSS) — Digital Experience 6.1 Medium2026-02-20
CVE-2026-2472 Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization — Vertex AI SDK for Python 6.1AIMediumAI2026-02-20
CVE-2019-25445 Fiverr Clone Script 1.2.2 Cross-Site Scripting via search-results.php — Fiverr Clone Script 6.1 Medium2026-02-20
CVE-2026-27506 SVXportal <= 2.5 Profile Update Stored XSS — SVXportal 6.1 Medium2026-02-20
CVE-2026-27505 SVXportal <= 2.5 admin/user_action.php Stored XSS — SVXportal 6.1 Medium2026-02-20
CVE-2026-27504 SVXportal <= 2.5 radiomobile_front.php stationid Reflected XSS — SVXportal 6.1 Medium2026-02-20
CVE-2026-27503 SVXportal <= 2.5 admin/log.php Search Reflected XSS — SVXportal 6.1 Medium2026-02-20
CVE-2026-27502 SVXportal <= 2.5 log.php Search Reflected XSS — SVXportal 6.1 Medium2026-02-20
CVE-2025-15583 detronetdip E-commerce function.php get_safe_value cross site scripting — E-commerce 3.5 Low2026-02-20
CVE-2026-24955 WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability — Whizz Plugins 6.1AIMediumAI2026-02-20
CVE-2026-27072 WordPress PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 11.2.0.1 - Cross Site Scripting (XSS) vulnerability — PixelYourSite – Your smart PIXEL (TAG) Manager 5.4AIMediumAI2026-02-20
CVE-2026-24948 WordPress Reflector plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability — Reflector 6.1AIMediumAI2026-02-20
CVE-2026-24949 WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability — PhotoMe 6.1AIMediumAI2026-02-20
CVE-2026-24943 WordPress Grand Conference theme <= 5.3.4 - Reflected Cross Site Scripting (XSS) vulnerability — Grand Conference 6.1AIMediumAI2026-02-20
CVE-2026-22357 WordPress Link Whisper Free plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability — Link Whisper Free 6.1AIMediumAI2026-02-20
CVE-2026-22352 WordPress Persian Woocommerce SMS plugin <= 7.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Persian Woocommerce SMS 6.1AIMediumAI2026-02-20
CVE-2025-69392 WordPress iMoney plugin <= 0.36 - Reflected Cross Site Scripting (XSS) vulnerability — iMoney 6.1AIMediumAI2026-02-20
CVE-2025-69390 WordPress Business Template Blocks for WPBakery (Visual Composer) Page Builder plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability — Business Template Blocks for WPBakery (Visual Composer) Page Builder 6.1AIMediumAI2026-02-20
CVE-2025-69386 WordPress RVCFDI para Woocommerce plugin <= 8.1.8 - Reflected Cross Site Scripting (XSS) vulnerability — RVCFDI para Woocommerce 6.1AIMediumAI2026-02-20
CVE-2025-69391 WordPress Diamond theme <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability — Diamond 6.1AIMediumAI2026-02-20
CVE-2025-69389 WordPress Visitor Maps Extended Referer Field plugin <= 1.2.6 - Reflected Cross Site Scripting (XSS) vulnerability — Visitor Maps Extended Referer Field 6.1AIMediumAI2026-02-20
CVE-2025-69384 WordPress Timeline Event History plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability — Timeline Event History 6.1AIMediumAI2026-02-20
CVE-2025-69368 WordPress SOHO - Photography WordPress Theme theme <= 3.0.3 - Cross Site Scripting (XSS) vulnerability — SOHO - Photography WordPress Theme 6.1AIMediumAI2026-02-20
CVE-2025-69367 WordPress Oyster - Photography WordPress Theme theme <= 4.4.3 - Cross Site Scripting (XSS) vulnerability — Oyster - Photography WordPress Theme 6.1AIMediumAI2026-02-20
CVE-2025-69326 WordPress NEX-Forms plugin <= 9.1.7 - Reflected Cross Site Scripting (XSS) vulnerability — NEX-Forms 6.1AIMediumAI2026-02-20

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21504 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.