CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-53454	WordPress Ultimate WP Mail Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability — Ultimate WP Mail	6.5	Medium	2025-09-22
CVE-2025-53455	WordPress CashBill.pl – Płatności WooCommerce Plugin <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability — CashBill.pl – Płatności WooCommerce	5.9	Medium	2025-09-22
CVE-2025-53458	WordPress Goracash Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — Goracash	5.9	Medium	2025-09-22
CVE-2025-53460	WordPress AffiliateWP – External Referral Links Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability — AffiliateWP – External Referral Links	5.9	Medium	2025-09-22
CVE-2025-53463	WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability — HT Mega – Absolute Addons for WPBakery Page Builder	6.5	Medium	2025-09-22
CVE-2025-53462	WordPress SAPO Feed plugin <= 2.4.2 - Cross Site Scripting (XSS) vulnerability — SAPO Feed	5.9	Medium	2025-09-22
CVE-2025-53464	WordPress WP Mailto Links Plugin <= 3.1.4 - Cross Site Scripting (XSS) Vulnerability — WP Mailto Links	5.9	Medium	2025-09-22
CVE-2025-53466	WordPress Better Find and Replace Plugin <= 1.7.6 - Cross Site Scripting (XSS) Vulnerability — Better Find and Replace	5.9	Medium	2025-09-22
CVE-2025-53467	WordPress Login-Logout Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability — Login-Logout	5.9	Medium	2025-09-22
CVE-2025-53469	WordPress BMI Adult & Kid Calculator Plugin <= 1.2.2 - Cross Site Scripting (XSS) Vulnerability — BMI Adult & Kid Calculator	5.9	Medium	2025-09-22
CVE-2025-57898	WordPress WP Frontend Admin plugin <= 1.22.7 - Cross Site Scripting (XSS) vulnerability — WP Frontend Admin	6.5	Medium	2025-09-22
CVE-2025-53570	WordPress DELUCKS SEO Plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability — DELUCKS SEO	6.5	Medium	2025-09-22
CVE-2025-57900	WordPress GutenKit Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability — GutenKit	6.5	Medium	2025-09-22
CVE-2025-57903	WordPress WooCommerce Additional Fees On Checkout (Free) plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability — WooCommerce Additional Fees On Checkout (Free)	5.9	Medium	2025-09-22
CVE-2025-57904	WordPress Sales Count Manager for WooCommerce plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability — Sales Count Manager for WooCommerce	5.9	Medium	2025-09-22
CVE-2025-57906	WordPress Epeken All Kurir plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability — Epeken All Kurir	5.9	Medium	2025-09-22
CVE-2025-57908	WordPress Product Time Countdown for WooCommerce plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability — Product Time Countdown for WooCommerce	5.9	Medium	2025-09-22
CVE-2025-57910	WordPress AnyClip Luminous Studio Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — AnyClip Luminous Studio	6.5	Medium	2025-09-22
CVE-2025-57911	WordPress Adverts Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability — Adverts	6.5	Medium	2025-09-22
CVE-2025-57913	WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability — Behance Portfolio Manager	6.5	Medium	2025-09-22
CVE-2025-57912	WordPress Dialogity Free Live Chat plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability — Dialogity Free Live Chat	5.9	Medium	2025-09-22
CVE-2025-57920	WordPress Category Featured Images Extended Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability — Category Featured Images Extended	5.9	Medium	2025-09-22
CVE-2025-57926	WordPress Passster Plugin <= 4.2.18 - Cross Site Scripting (XSS) Vulnerability — Passster	6.5	Medium	2025-09-22
CVE-2025-57929	WordPress Double the Donation Plugin <= 2.0.0 - Cross Site Scripting (XSS) Vulnerability — Double the Donation	5.9	Medium	2025-09-22
CVE-2025-57932	WordPress PowerFolio Plugin <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability — PowerFolio	6.5	Medium	2025-09-22
CVE-2025-57935	WordPress Bot Block – Stop Spam Referrals in Google Analytics Plugin <= 2.6 - Cross Site Scripting (XSS) Vulnerability — Bot Block – Stop Spam Referrals in Google Analytics	5.9	Medium	2025-09-22
CVE-2025-57938	WordPress Easy Hotel Booking plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability — Easy Hotel Booking	6.5	Medium	2025-09-22
CVE-2025-57940	WordPress Append extensions on Pages Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability — Append extensions on Pages	5.9	Medium	2025-09-22
CVE-2025-57941	WordPress Append Link on Copy Plugin <= 0.2 - Cross Site Scripting (XSS) Vulnerability — Append Link on Copy	5.9	Medium	2025-09-22
CVE-2025-57945	WordPress WP Advanced PDF Plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability — WP Advanced PDF	5.9	Medium	2025-09-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529