CWE-79 在Web页面生成时对输入的转义处理不恰当(跨站脚本) 类弱点 21527 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-1391 | WordPress plugin Vzaar Media Management 跨站脚本漏洞 — Vzaar Media Management | 5.3 | Medium | 2026-01-28 |
| CVE-2026-1053 | WordPress plugin Ivory Search 跨站脚本漏洞 — Ivory Search – WordPress Search Plugin | 4.4 | Medium | 2026-01-28 |
| CVE-2026-1381 | WordPress plugin Order Minimum/Maximum Amount Limits for WooCommerce 跨站脚本漏洞 — Order Minimum/Maximum Amount Limits for WooCommerce | 4.4 | Medium | 2026-01-28 |
| CVE-2025-14039 | WordPress plugin Simple Folio 跨站脚本漏洞 — Simple Folio | 6.4 | Medium | 2026-01-28 |
| CVE-2025-9082 | WordPress plugin WPBITS Addons For Elementor 跨站脚本漏洞 — WPBITS Addons For Elementor Page Builder | 6.4 | Medium | 2026-01-28 |
| CVE-2025-12709 | WordPress plugin Interactions 跨站脚本漏洞 — Interactions – Create Interactive Experiences in the Block Editor | 6.4 | Medium | 2026-01-28 |
| CVE-2026-1295 | WordPress plugin Buy Now Plus 跨站脚本漏洞 — Buy Now Plus — Payments with Stripe | 6.4 | Medium | 2026-01-28 |
| CVE-2026-1244 | WordPress plugin Forms Bridge – Infinite integrations 跨站脚本漏洞 — Forms Bridge – Infinite integrations | 6.4 | Medium | 2026-01-28 |
| CVE-2026-1466 | Jirafeau 跨站脚本漏洞 — Jirafeau | 6.1 | Medium | 2026-01-28 |
| CVE-2026-1083 | WordPress plugin Appointment Hour Booking 跨站脚本漏洞 — Appointment Hour Booking – Booking Calendar | 4.4 | Medium | 2026-01-28 |
| CVE-2025-8072 | WordPress plugin Target Video Easy Publish 跨站脚本漏洞 — Target Video Easy Publish | 6.4 | Medium | 2026-01-28 |
| CVE-2026-1513 | billboard.js 安全漏洞 — billboard.js | 6.1AI | MediumAI | 2026-01-28 |
| CVE-2026-24838 | DNN 跨站脚本漏洞 — Dnn.Platform | 9.1 | Critical | 2026-01-27 |
| CVE-2026-24837 | DNN 跨站脚本漏洞 — Dnn.Platform | 7.7 | High | 2026-01-27 |
| CVE-2026-24836 | DNN 跨站脚本漏洞 — Dnn.Platform | 7.7 | High | 2026-01-27 |
| CVE-2026-24833 | DNN 跨站脚本漏洞 — Dnn.Platform | 7.7 | High | 2026-01-27 |
| CVE-2026-24784 | DNN 跨站脚本漏洞 — Dnn.Platform | 6.8 | Medium | 2026-01-27 |
| CVE-2026-24778 | Ghost 跨站脚本漏洞 — Ghost | 8.8 | High | 2026-01-27 |
| CVE-2026-24771 | Hono 跨站脚本漏洞 — hono | 4.7 | Medium | 2026-01-27 |
| CVE-2020-36978 | Froxlor 跨站脚本漏洞 — Froxlor Froxlor Server Management Panel | 6.4 | Medium | 2026-01-27 |
| CVE-2026-24824 | YaCy 安全漏洞 — yacy_search_server | 6.1AI | MediumAI | 2026-01-27 |
| CVE-2026-24490 | awesome-mobile-security 跨站脚本漏洞 — Mobile-Security-Framework-MobSF | 8.1 | High | 2026-01-27 |
| CVE-2026-24476 | Shaarli 跨站脚本漏洞 — Shaarli | 6.1AI | MediumAI | 2026-01-26 |
| CVE-2026-1444 | Books_Manager 代码注入漏洞 — Books_Manager | 2.4 | Low | 2026-01-26 |
| CVE-2025-11687 | GI-DocGen 安全漏洞 | 6.1 | Medium | 2026-01-26 |
| CVE-2020-36960 | Forma LMS 跨站脚本漏洞 — Forma LMS | 6.4 | Medium | 2026-01-26 |
| CVE-2020-36956 | Openfire 跨站脚本漏洞 — Openfire | 6.4 | Medium | 2026-01-26 |
| CVE-2020-36955 | Grav CMS 跨站脚本漏洞 — Grav CMS Admin Plugin | 6.4 | Medium | 2026-01-26 |
| CVE-2020-36954 | Xeroneit Library Management System 跨站脚本漏洞 — Xeroneit Library Management System | 6.4 | Medium | 2026-01-26 |
| CVE-2026-24433 | Tenda W30E 跨站脚本漏洞 — W30E V2 | 6.1AI | MediumAI | 2026-01-26 |
CWE-79(在Web页面生成时对输入的转义处理不恰当(跨站脚本)) 是常见的弱点类别,本平台收录该类弱点关联的 21527 条 CVE 漏洞。