CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-59545	DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt module — Dnn.Platform	9.1	Critical	2025-09-23
CVE-2025-59539	DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field — Dnn.Platform	6.3	Medium	2025-09-23
CVE-2025-0209	Reflected Cross-Site Scripting (XSS) in WSO2 Identity Server Account Registration Flow — WSO2 Identity Server	6.1	Medium	2025-09-23
CVE-2025-4760	Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher — WSO2 API Manager	4.8	Medium	2025-09-23
CVE-2025-10244	HTML Payload Stored Cross-Site Scripting (XSS) Vulnerability — Fusion	8.7	High	2025-09-23
CVE-2025-9798	Stored XSS in Netcad Software's Netigma — Netigma	8.9	High	2025-09-23
CVE-2025-10837	code-projects Simple Food Ordering System order.php cross site scripting — Simple Food Ordering System	3.5	Low	2025-09-23
CVE-2025-8902	Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Widget Options - Extended	6.4	Medium	2025-09-23
CVE-2025-58915	WordPress Request a Quote plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability — Request a Quote	6.5	Medium	2025-09-23
CVE-2025-10827	PHPJabbers Restaurant Menu Maker preview.php cross site scripting — Restaurant Menu Maker	4.3	Medium	2025-09-23
CVE-2025-59526	Mailgen: HTML injection vulnerability in plaintext e-mails — mailgen	6.1^AI	Medium^AI	2025-09-22
CVE-2025-59430	Mesh Connect JS SDK Vulnerable to Cross Site Scripting via createLink.openLink — mesh-web-sdk	8.2	High	2025-09-22
CVE-2025-58960	WordPress IP Based Login Plugin <= 2.4.3 - Cross Site Scripting (XSS) Vulnerability — IP Based Login	5.9	Medium	2025-09-22
CVE-2025-58965	WordPress Fusion Page Builder : Extension – Gallery Plugin <= 1.7.6 - Cross Site Scripting (XSS) Vulnerability — Fusion Page Builder : Extension – Gallery	6.5	Medium	2025-09-22
CVE-2025-58974	WordPress WPComplete Plugin <= 2.9.5.2 - Cross Site Scripting (XSS) Vulnerability — WPComplete	6.5	Medium	2025-09-22
CVE-2025-58992	WordPress Product Catalog Simple Plugin <= 1.8.2 - Cross Site Scripting (XSS) Vulnerability — Product Catalog Simple	6.5	Medium	2025-09-22
CVE-2025-59549	WordPress GetResponse Forms Plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability — GetResponse Forms	6.5	Medium	2025-09-22
CVE-2025-59552	WordPress Save as PDF Plugin <= 4.5.2 - Cross Site Scripting (XSS) Vulnerability — Save as PDF	6.5	Medium	2025-09-22
CVE-2025-59553	WordPress Custom iFrame for Elementor Plugin <= 1.0.13 - Cross Site Scripting (XSS) Vulnerability — Custom iFrame for Elementor	6.5	Medium	2025-09-22
CVE-2025-59565	WordPress Upsell Order Bump Offer for WooCommerce Plugin <= 3.0.7 - Cross Site Scripting (XSS) Vulnerability — Upsell Order Bump Offer for WooCommerce	6.5	Medium	2025-09-22
CVE-2025-59569	WordPress CubeWP Plugin <= 1.1.26 - Cross Site Scripting (XSS) Vulnerability — CubeWP	6.5	Medium	2025-09-22
CVE-2025-59574	WordPress WP Travel Engine Plugin <= 1.4.2 - Cross Site Scripting (XSS) Vulnerability — WP Travel Engine	6.5	Medium	2025-09-22
CVE-2025-59583	WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability — Penci Filter Everything	6.5	Medium	2025-09-22
CVE-2025-59584	WordPress Penci Podcast Plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability — Penci Podcast	6.5	Medium	2025-09-22
CVE-2025-59585	WordPress Penci Recipe Plugin <= 4.0 - Cross Site Scripting (XSS) Vulnerability — Penci Recipe	6.5	Medium	2025-09-22
CVE-2025-59586	WordPress Penci Portfolio Plugin <= 3.5 - Cross Site Scripting (XSS) Vulnerability — Penci Portfolio	6.5	Medium	2025-09-22
CVE-2025-59587	WordPress Penci Shortcodes & Performance Plugin < 6.1 - Cross Site Scripting (XSS) Vulnerability — Penci Shortcodes & Performance	6.5	Medium	2025-09-22
CVE-2025-59589	WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability — Soledad	6.5	Medium	2025-09-22
CVE-2025-59590	WordPress Media Library Assistant Plugin <= 3.28 - Cross Site Scripting (XSS) Vulnerability — Media LIbrary Assistant	5.9	Medium	2025-09-22
CVE-2025-59592	WordPress Make Column Clickable Elementor Plugin <= 1.6.0 - Cross Site Scripting (XSS) Vulnerability — Make Column Clickable Elementor	6.5	Medium	2025-09-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529