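CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21506

21506 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.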

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2026-4805 | Woostify <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lity.js Library via data-lity Attribute in Custom HTML Block — Woostify | 6.4 | Medium | 2026-04-28 |
| CVE-2026-7230 | SourceCodester Safety Anger Pad cross site scripting — Safety Anger Pad | 4.3 | Medium | 2026-04-28 |
| CVE-2026-6725 | WPC Smart Messages for WooCommerce <= 4.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attribute — WPC Smart Messages for WooCommerce | 6.4 | Medium | 2026-04-28 |
| CVE-2026-6551 | Timeline Blocks for Gutenberg <= 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleTag' Block Attribute — Timeline Blocks for Gutenberg | 6.4 | Medium | 2026-04-28 |
| CVE-2026-6809 | Social Post Embed <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Threads Embed — Social Post Embed | 6.4 | Medium | 2026-04-28 |
| CVE-2026-7222 | code-projects Coaching Management System Complaint Form complaint.php cross site scripting — Coaching Management System | 3.5 | Low | 2026-04-28 |
| CVE-2026-7200 | SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting — Pharmacy Sales and Inventory System | 4.3 | Medium | 2026-04-27 |
| CVE-2026-5362 | Pimcore Platform v12.3.3 - Stored XSS in Document Editable Embed rendering — pimcore | - | - | 2026-04-27 |
| CVE-2026-41467 | ProjeQtor < 12.4.4 Stored XSS via checkValidFileName() — ProjeQtor | 5.4 | Medium | 2026-04-27 |
| CVE-2026-41466 | ProjeQtor < 12.4.4 Stored XSS via checkValidHtmlText() — ProjeQtor | 5.4 | Medium | 2026-04-27 |
| CVE-2026-7129 | SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting — Pharmacy Sales and Inventory System | 4.3 | Medium | 2026-04-27 |
| CVE-2026-7116 | code-projects Employee Management System mark.php cross site scripting — Employee Management System | 4.3 | Medium | 2026-04-27 |
| CVE-2026-42410 | WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability — TheGem Theme Elements (for Elementor) | 6.5 | Medium | 2026-04-27 |
| CVE-2026-7110 | code-projects Invoice System in Laravel item cross site scripting — Invoice System in Laravel | 3.5 | Low | 2026-04-27 |
| CVE-2026-7095 | code-projects Employee Management System edit.php cross site scripting — Employee Management System | 4.3 | Medium | 2026-04-27 |
| CVE-2026-7090 | code-projects Chat System send_message.php cross site scripting — Chat System | 2.4 | Low | 2026-04-27 |
| CVE-2026-7089 | code-projects Home Service System Appointment Booking booking.php cross site scripting — Home Service System | 4.3 | Medium | 2026-04-27 |
| CVE-2026-7027 | D-Link DSL-2740R Wireless Setup Section cross site scripting — DSL-2740R | 2.4 | Low | 2026-04-26 |
| CVE-2026-7026 | D-Link DGS-3420 System Information Settings cross site scripting — DGS-3420 | 4.5 | Medium | 2026-04-26 |
| CVE-2026-7016 | MaxSite CMS ushki Plugin cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7015 | MaxSite CMS Guestbook Plugin cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7014 | MaxSite CMS down_count Plugin cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7013 | MaxSite CMS mail_send Plugin cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7012 | MaxSite CMS Redirect Plugin cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7011 | MaxSite CMS Antispam Plugin plugin_antispam cross site scripting — CMS | 2.4 | Low | 2026-04-26 |
| CVE-2026-7001 | Datacom DM4100 Ethernet Configuration cross site scripting — DM4100 | 2.4 | Low | 2026-04-25 |
| CVE-2026-7000 | Datacom DM4100 VLAN Page cross site scripting — DM4100 | 2.4 | Low | 2026-04-25 |
| CVE-2026-6999 | BIVOCOM TR321 Wireless Setting cross site scripting — TR321 | 2.4 | Low | 2026-04-25 |
| CVE-2026-6998 | BDCOM P3310D New RMON Statistics cross site scripting — P3310D | 2.4 | Low | 2026-04-25 |
| CVE-2026-6997 | BDCOM P3310D New RMON History cross site scripting — P3310D | 2.4 | Low | 2026-04-25 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) represent 21506 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.