Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-62968 WordPress WP Last Modified Info plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability — WP Last Modified Info 6.5 Medium2025-10-27
CVE-2025-62963 WordPress Estatik plugin <= 4.3.1 - Cross Site Scripting (XSS) vulnerability — Estatik 6.5 Medium2025-10-27
CVE-2025-62951 WordPress H5P plugin <= 1.16.0 - Cross Site Scripting (XSS) vulnerability — H5P 6.5 Medium2025-10-27
CVE-2025-62949 WordPress Activity Plus Reloaded for BuddyPress plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability — Activity Plus Reloaded for BuddyPress 6.5 Medium2025-10-27
CVE-2025-62948 WordPress Date counter plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability — Date counter 6.5 Medium2025-10-27
CVE-2025-62942 WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability — WP Mapbox GL JS Maps 6.5 Medium2025-10-27
CVE-2025-62941 WordPress Events Maker by dFactory plugin <= 1.6.14 - Cross Site Scripting (XSS) vulnerability — Events Maker by dFactory 6.5 Medium2025-10-27
CVE-2025-62943 WordPress Next Page, Not Next Post plugin <= 0.3.0 - Cross Site Scripting (XSS) vulnerability — Next Page, Not Next Post 6.5 Medium2025-10-27
CVE-2025-62939 WordPress Open Currency Converter plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Open Currency Converter 6.5 Medium2025-10-27
CVE-2025-62940 WordPress Blox Lite plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability — Blox Lite 6.5 Medium2025-10-27
CVE-2025-62937 WordPress Post List Featured Image plugin <= 0.5.9 - Cross Site Scripting (XSS) vulnerability — Post List Featured Image 6.5 Medium2025-10-27
CVE-2025-62930 WordPress MapSVG plugin <= 8.7.22 - Cross Site Scripting (XSS) vulnerability — MapSVG 6.5 Medium2025-10-27
CVE-2025-62921 WordPress Bulk Auto Image Title Attribute plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability — Bulk Auto Image Title Attribute 6.5 Medium2025-10-27
CVE-2025-62923 WordPress Marquee Addons for Elementor plugin <= 3.8.2 - Cross Site Scripting (XSS) vulnerability — Marquee Addons for Elementor 6.5 Medium2025-10-27
CVE-2025-62920 WordPress USERCENTRICS CMP plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability — USERCENTRICS CMP 5.9 Medium2025-10-27
CVE-2025-62917 WordPress Tooltipy plugin <= 5.5.9 - Cross Site Scripting (XSS) vulnerability — Tooltipy 6.5 Medium2025-10-27
CVE-2025-62913 WordPress Opal Service plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability — Opal Service 6.5 Medium2025-10-27
CVE-2025-62912 WordPress SiteGround Email Marketing plugin <= 1.7.1 - Cross Site Scripting (XSS) vulnerability — SiteGround Email Marketing 6.5 Medium2025-10-27
CVE-2025-62910 WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cross Site Scripting (XSS) vulnerability — Video Gallery by Huzzaz 6.5 Medium2025-10-27
CVE-2025-62911 WordPress Rock Convert plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability — Rock Convert 6.5 Medium2025-10-27
CVE-2025-62907 WordPress Custom Post Type Attachment plugin <= 3.4.6 - Cross Site Scripting (XSS) vulnerability — Custom Post Type Attachment 6.5 Medium2025-10-27
CVE-2025-62905 WordPress Query Posts plugin <= 0.3.2 - Cross Site Scripting (XSS) vulnerability — Query Posts 6.5 Medium2025-10-27
CVE-2025-62903 WordPress WPC Smart Messages for WooCommerce plugin <= 4.2.8 - Cross Site Scripting (XSS) vulnerability — WPC Smart Messages for WooCommerce 6.5 Medium2025-10-27
CVE-2025-62904 WordPress WP Geo plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability — WP Geo 6.5 Medium2025-10-27
CVE-2025-62899 WordPress Photospace Responsive plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability — Photospace Responsive 5.9 Medium2025-10-27
CVE-2025-62900 WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — Popular Posts by Webline 6.5 Medium2025-10-27
CVE-2025-62898 WordPress Links shortcode plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability — Links shortcode 6.5 Medium2025-10-27
CVE-2025-62894 WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cross Site Scripting (XSS) vulnerability — ACF Recent Posts Widget 6.5 Medium2025-10-27
CVE-2025-62887 WordPress King Addons for Elementor plugin <= 51.1.61 - Cross Site Scripting (XSS) vulnerability — King Addons for Elementor 6.5 Medium2025-10-27
CVE-2025-62885 WordPress WP VR plugin <= 8.5.48 - Cross Site Scripting (XSS) vulnerability — WP VR 6.5 Medium2025-10-27

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.