Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-54722 WordPress WooTour plugin <= 3.6.3 - Cross Site Scripting (XSS) vulnerability — WooTour 7.1 High2025-11-06
CVE-2025-54721 WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability — Resca 7.1 High2025-11-06
CVE-2025-54718 WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 - Cross Site Scripting (XSS) vulnerability — Yogi - Health Beauty & Yoga 7.1 High2025-11-06
CVE-2025-53585 WordPress WeMusic theme <= 1.9.1 - Cross Site Scripting (XSS) vulnerability — WeMusic 7.1 High2025-11-06
CVE-2025-53574 WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scripting (XSS) Vulnerability — Doliconnect 7.1 High2025-11-06
CVE-2025-53573 WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability — Epic Review 7.1 High2025-11-06
CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability — Kalium 7.1 High2025-11-06
CVE-2025-53324 WordPress Gutenify Plugin <= 1.5.7 - Cross Site Scripting (XSS) Vulnerability — Gutenify 7.1 High2025-11-06
CVE-2025-53286 WordPress Dropify plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability — Dropify 7.1 High2025-11-06
CVE-2025-53245 WordPress WP Logo Changer Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability — WP Logo Changer 7.1 High2025-11-06
CVE-2025-53239 WordPress User Registration Aide Plugin <= 1.5.3.8 - Cross Site Scripting (XSS) Vulnerability — User Registration Aide 7.1 High2025-11-06
CVE-2025-52764 WordPress flexoslider plugin <= 1.0004 - Cross Site Scripting (XSS) vulnerability — flexoslider 7.1 High2025-11-06
CVE-2025-49905 WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability — Range Slider Addon for Gravity Forms 7.1 High2025-11-06
CVE-2025-49909 WordPress Penci Bookmark & Follow plugin < 2.4 - Cross Site Scripting (XSS) vulnerability — Penci Bookmark & Follow 7.1 High2025-11-06
CVE-2025-49904 WordPress Booking and Rental Manager plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability — Booking and Rental Manager 7.1 High2025-11-06
CVE-2025-49390 WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability — Cookie Notice & Consent 7.1 High2025-11-06
CVE-2025-31029 WordPress replyMail plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability — replyMail 7.1 High2025-11-06
CVE-2025-11956 XSS in Proliz's OBS — OBS (Student Affairs Information System) 8.9 High2025-11-06
CVE-2025-10955 HTML Injection in Netcad Software's Netigma — Netigma 6.1 Medium2025-11-06
CVE-2025-36054 Cross-site scripting vulnerability affect IBM Business Automation Workflow Process Federation Server - — Business Automation Workflow containers 6.1 Medium2025-11-06
CVE-2025-11268 Strong Testimonials <= 3.2.16 - Unauthenticated Arbitrary Shortcode Execution — Strong Testimonials 4.3 Medium2025-11-06
CVE-2025-12471 Hubbub Lite <= 1.36.0 - Reflected Cross-Site Scripting — Hubbub Lite – Fast, free social sharing and follow buttons 6.1 Medium2025-11-06
CVE-2025-61994 Weseek Growi 跨站脚本漏洞 — GROWI 6.1 -2025-11-06
CVE-2025-10853 Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding — WSO2 Open Banking IAM 5.2 Medium2025-11-05
CVE-2025-5770 Reflected Cross-Site Scripting (XSS) in Authentication Endpoints of Multiple WSO2 Products — WSO2 Identity Server 6.1 Medium2025-11-05
CVE-2025-20304 Cisco Identity Services Engine 跨站脚本漏洞 — Cisco Identity Services Engine Software 5.4 Medium2025-11-05
CVE-2025-20289 Cisco Identity Services Engine 跨站脚本漏洞 — Cisco Identity Services Engine Software 4.8 Medium2025-11-05
CVE-2025-20303 Cisco Identity Services Engine 跨站脚本漏洞 — Cisco Identity Services Engine Software 5.4 Medium2025-11-05
CVE-2025-11820 Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets — Graphina – Charts and Graphs For Elementor 6.4 Medium2025-11-05
CVE-2025-11162 Spectra <= 2.19.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom CSS — Spectra Gutenberg Blocks – Website Builder for the Block Editor 6.4 Medium2025-11-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.