Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53420 WordPress WPLMS plugin <= 1.9.9.8 - Cross Site Scripting (XSS) vulnerability — WPLMS 7.1 High2025-10-22
CVE-2025-53352 WordPress Grid Plus plugin <= 3.3 - Cross Site Scripting (XSS) vulnerability — Grid Plus 7.1 High2025-10-22
CVE-2025-53351 WordPress Fidelo Snippet plugin <= 1.12 - Cross Site Scripting (XSS) vulnerability — Fidelo Snippet 7.1 High2025-10-22
CVE-2025-53350 WordPress Calendar Plus plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability — Calendar Plus 7.1 High2025-10-22
CVE-2025-53297 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability — Woocommerce Envato Affiliates 7.1 High2025-10-22
CVE-2025-53234 WordPress UDesign Core plugin <= 4.14.0 - Cross Site Scripting (XSS) vulnerability — UDesign Core 7.1 High2025-10-22
CVE-2025-53238 WordPress Toast Mobile Menu plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability — Toast Mobile Menu 7.1 High2025-10-22
CVE-2025-53229 WordPress RockON DJ theme <= 3.3 - Reflected Cross Site Scripting (XSS) vulnerability — RockON DJ 7.1 High2025-10-22
CVE-2025-52770 WordPress Hello Followers plugin <= 2.5 - Cross Site Scripting (XSS) vulnerability — Hello Followers 7.1 High2025-10-22
CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability — Nifty Backups 7.1 High2025-10-22
CVE-2025-52760 WordPress MultiSite Clone Duplicator plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability — MultiSite Clone Duplicator 7.1 High2025-10-22
CVE-2025-52755 WordPress Child Themes plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability — Child Themes 7.1 High2025-10-22
CVE-2025-52754 WordPress Sello ChannelConnector plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability — Sello ChannelConnector 7.1 High2025-10-22
CVE-2025-52753 WordPress Contact Form by Supsystic plugin <= 1.7.36 - Cross Site Scripting (XSS) vulnerability — Contact Form by Supsystic 7.1 High2025-10-22
CVE-2025-52750 WordPress Emu2 plugin <= 0.83b - Cross Site Scripting (XSS) vulnerability — Emu2 7.1 High2025-10-22
CVE-2025-52751 WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Slide Puzzle 7.1 High2025-10-22
CVE-2025-52749 WordPress Uji Countdown plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability — Uji Countdown 7.1 High2025-10-22
CVE-2025-52748 WordPress Directory Pro plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability — Directory Pro 7.1 High2025-10-22
CVE-2025-52742 WordPress Pets Plugin <= 1.4.1 - Cross Site Scripting (XSS) Vulnerability — Pets 7.1 High2025-10-22
CVE-2025-52743 WordPress oik-privacy-policy plugin <= 1.4.10 - Cross Site Scripting (XSS) vulnerability — oik-privacy-policy 7.1 High2025-10-22
CVE-2025-52741 WordPress Post Connector Plugin <= 1.0.11 - Cross Site Scripting (XSS) Vulnerability — Post Connector 7.1 High2025-10-22
CVE-2025-52736 WordPress Finale Lite Plugin <= 2.20.0 - Cross Site Scripting (XSS) Vulnerability — Finale Lite 7.1 High2025-10-22
CVE-2025-49992 WordPress LearnPress Export Import plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability — LearnPress Export Import 7.1 High2025-10-22
CVE-2025-49962 WordPress bbPress Notify plugin <= 2.19.5 - Cross Site Scripting (XSS) vulnerability — bbPress Notify 7.1 High2025-10-22
CVE-2025-49963 WordPress Simple Stripe Checkout plugin <= 1.1.28 - Cross Site Scripting (XSS) vulnerability — Simple Stripe Checkout 7.1 High2025-10-22
CVE-2025-52735 WordPress NextMove Lite plugin <= 2.24.0 - Cross Site Scripting (XSS) vulnerability — NextMove Lite 7.1 High2025-10-22
CVE-2025-52734 WordPress CropRefine Plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability — CropRefine 7.1 High2025-10-22
CVE-2025-49960 WordPress LeadBI Plugin for WordPress plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability — LeadBI Plugin for WordPress 6.5 Medium2025-10-22
CVE-2025-49958 WordPress Robokassa payment gateway for Woocommerce plugin <= 1.8.6 - Cross Site Scripting (XSS) vulnerability — Robokassa payment gateway for Woocommerce 7.1 High2025-10-22
CVE-2025-49959 WordPress bbPress Move Topics plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability — bbPress Move Topics 7.1 High2025-10-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.