Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists — clipbucket-v5 5.4 -2025-11-07
CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title — clipbucket-v5 5.4 -2025-11-07
CVE-2025-64302 Advantech DeviceOn/iEdge Cross-site Scripting — DeviceOn/iEdge 6.4 Medium2025-11-06
CVE-2025-64177 ThinkDashboard: Stored XSS in Dashboard via Malicious Bookmark — ThinkDashboard 5.4 Medium2025-11-06
CVE-2025-64174 OpenMage is vulnerable to XSS in Admin Notifications — magento-lts 4.8 -2025-11-06
CVE-2025-12486 Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability — Database Proxy 8.3 -2025-11-06
CVE-2025-34237 Advantech WebAccess/VPN < 1.1.5 Stored XSS via StandaloneVpnClientsController.addStandaloneVpnClientAction() — WebAccess/VPN 5.4 -2025-11-06
CVE-2025-34236 Advantech WebAccess/VPN < 1.1.5 Stored XSS via NetworksController.addNetworkAction() — WebAccess/VPN 5.4 -2025-11-06
CVE-2025-64232 WordPress Import from YML plugin <= 3.1.17 - Cross Site Scripting (XSS) vulnerability — Import from YML 7.1 High2025-11-06
CVE-2025-64224 WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Cross Site Scripting (XSS) vulnerability — Grand Conference Theme Custom Post Type 7.1 High2025-11-06
CVE-2025-64198 WordPress Easy Social Share Buttons plugin < 10.7.1 - Cross Site Scripting (XSS) vulnerability — Easy Social Share Buttons 7.1 High2025-11-06
CVE-2025-64196 WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability — Booster for WooCommerce 7.1 High2025-11-06
CVE-2025-62076 WordPress Simple Payment plugin <= 2.4.6 - Cross Site Scripting (XSS) vulnerability — Simple Payment 7.1 High2025-11-06
CVE-2025-62074 WordPress WPMobile.App plugin <= 11.71 - Cross Site Scripting (XSS) vulnerability — WPMobile.App 7.1 High2025-11-06
CVE-2025-62059 WordPress SureRank plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — SureRank 7.1 High2025-11-06
CVE-2025-62057 WordPress Houzez Theme - Functionality plugin < 4.2.0 - Cross Site Scripting (XSS) vulnerability — Houzez Theme - Functionality 7.1 High2025-11-06
CVE-2025-62051 WordPress UDesign Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability — UDesign Core 6.5 Medium2025-11-06
CVE-2025-62041 WordPress TheGem (Elementor) theme <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability — TheGem (Elementor) 7.1 High2025-11-06
CVE-2025-62044 WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability — TheGem Theme Elements (for WPBakery) 6.5 Medium2025-11-06
CVE-2025-62040 WordPress YOP Poll plugin <= 6.5.37 - Cross Site Scripting (XSS) vulnerability — YOP Poll 7.1 High2025-11-06
CVE-2025-62036 WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability — Togo 7.1 High2025-11-06
CVE-2025-62031 WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability — tagDiv Composer 7.1 High2025-11-06
CVE-2025-62032 WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross Site Scripting (XSS) vulnerability — tagDiv Cloud Library 6.5 Medium2025-11-06
CVE-2025-62030 WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability — tagDiv Composer 6.5 Medium2025-11-06
CVE-2025-62012 WordPress TheGem (Elementor) theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability — TheGem (Elementor) 6.5 Medium2025-11-06
CVE-2025-62011 WordPress TheGem theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability — TheGem 6.5 Medium2025-11-06
CVE-2025-59556 WordPress GoStore theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability — GoStore 7.1 High2025-11-06
CVE-2025-58964 WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability — Enzy 7.1 High2025-11-06
CVE-2025-58638 WordPress Institutions Directory Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — Institutions Directory 7.1 High2025-11-06
CVE-2025-54737 WordPress Jobmonster theme <= 4.7.8 - Cross Site Scripting (XSS) vulnerability — Jobmonster 7.1 High2025-11-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.