CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2019-25233 | AVE DOMINAplus 1.10.x Cross-Site Request Forgery and XSS Vulnerabilities — DOMINAplus | 5.3 | Medium | 2025-12-24 |
| CVE-2019-25234 | Carlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Request Forgery and XSS — SmartHouse Webapp | 5.3 | Medium | 2025-12-24 |
| CVE-2018-25131 | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Stored XSS via Config Upload — GR10/GR25/GR30/GR50 GNSS | 7.2 | High | 2025-12-24 |
| CVE-2025-2154 | Stored XSS in EchoCCS's Specto CM — Specto CM | 5.4 | Medium | 2025-12-24 |
| CVE-2025-68605 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability — Post Grid and Gutenberg Blocks | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68599 | WordPress YouTube Embed plugin <= 5.4 - Cross Site Scripting (XSS) vulnerability — YouTube Embed | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68597 | WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability — Jobs for WordPress | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68598 | WordPress Page Builder: Live Composer plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability — Page Builder: Live Composer | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68574 | WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability — WPBakery Visual Composer WHMCS Elements | 5.9 | Medium | 2025-12-24 |
| CVE-2025-68566 | WordPress My auctions allegro plugin <= 3.6.35 - Cross Site Scripting (XSS) vulnerability — My auctions allegro | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67633 | WordPress Greenhouse Job Board plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability — Greenhouse Job Board | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67630 | WordPress WH Tweaks plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — WH Tweaks | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67631 | WordPress Gift Hunt plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability — Gift Hunt | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67632 | WordPress Google AdSense for Responsive Design – GARD plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability — Google AdSense for Responsive Design – GARD | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67629 | WordPress Basticom Framework plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability — Basticom Framework | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67627 | WordPress Draft Notify plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — Draft Notify | 5.9 | Medium | 2025-12-24 |
| CVE-2025-67628 | WordPress Review Disclaimer plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability — Review Disclaimer | 5.9 | Medium | 2025-12-24 |
| CVE-2023-32120 | WordPress Hostel plugin <= 1.1.5.1 - Cross Site Scripting (XSS) — Hostel | 5.9 | Medium | 2025-12-24 |
| CVE-2025-68533 | WordPress WC Builder plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability — WC Builder | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68532 | WordPress ModelTheme Addons for WPBakery and Elementor plugin < 1.5.6 - Cross Site Scripting (XSS) vulnerability — ModelTheme Addons for WPBakery and Elementor | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68528 | WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability — Free Shipping Bar: Amount Left for Free Shipping for WooCommerce | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68527 | WordPress Academy LMS plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability — Academy LMS | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68525 | WordPress Category Icon plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — Category Icon | 5.9 | Medium | 2025-12-24 |
| CVE-2025-68512 | WordPress Real 3D FlipBook plugin <= 4.11.4 - Cross Site Scripting (XSS) vulnerability — Real 3D FlipBook | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68513 | WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability — Bold Timeline Lite | 6.5 | Medium | 2025-12-24 |
| CVE-2025-68497 | WordPress Astra Widgets plugin <= 1.2.16 - Cross Site Scripting (XSS) vulnerability — Astra Widgets | 5.9 | Medium | 2025-12-24 |
| CVE-2025-66444 | Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer — Hitachi Infrastructure Analytics Advisor | 8.2 | High | 2025-12-24 |
| CVE-2025-15052 | code-projects Student Information System profile.php cross site scripting — Student Information System | 3.5 | Low | 2025-12-24 |
| CVE-2025-68669 | 5ire vulnerable to Remote Code Execution (RCE) via mermaid — 5ire | 9.7 | Critical | 2025-12-23 |
| CVE-2025-14499 | IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability — IceWarp | 8.8 (AI) | High (AI) | 2025-12-23 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.