Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-58241 WordPress SnapWidget Social Photo Feed Widget Plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability — SnapWidget Social Photo Feed Widget 6.5 Medium2025-09-22
CVE-2025-58240 WordPress xili-tidy-tags Plugin <= 1.12.06 - Cross Site Scripting (XSS) Vulnerability — xili-tidy-tags 6.5 Medium2025-09-22
CVE-2025-58242 WordPress Bg Church Memos Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — Bg Church Memos 6.5 Medium2025-09-22
CVE-2025-58245 WordPress Portfolio Plugin <= 2.58 - Cross Site Scripting (XSS) Vulnerability — Portfolio 5.9 Medium2025-09-22
CVE-2025-58248 WordPress Pinterest Pinboard Widget Plugin <= 1.0.7 - Cross Site Scripting (XSS) Vulnerability — Pinterest Pinboard Widget 6.5 Medium2025-09-22
CVE-2025-58253 WordPress Real Estate Manager Plugin <= 7.3 - Cross Site Scripting (XSS) Vulnerability — Real Estate Manager 6.5 Medium2025-09-22
CVE-2025-58254 WordPress StylePress for Elementor Plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability — StylePress for Elementor 6.5 Medium2025-09-22
CVE-2025-58256 WordPress DOAJ Export Plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability — DOAJ Export 5.9 Medium2025-09-22
CVE-2025-58257 WordPress Verowa Connect plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability — Verowa Connect 6.5 Medium2025-09-22
CVE-2025-58260 WordPress Highlight and Share – Social Text and Image Sharing plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability — Highlight and Share 6.5 Medium2025-09-22
CVE-2025-58263 WordPress BuddyPress Notification Widget Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — BuddyPress Notification Widget 6.5 Medium2025-09-22
CVE-2025-58264 WordPress JupiterX Core Plugin <= 4.11.0 - Cross Site Scripting (XSS) Vulnerability — JupiterX Core 6.5 Medium2025-09-22
CVE-2025-58265 WordPress Events Manager – OpenStreetMaps Plugin <= 4.2.1 - Cross Site Scripting (XSS) Vulnerability — Events Manager – OpenStreetMaps 6.5 Medium2025-09-22
CVE-2025-58266 WordPress Gianism plugin <= 6.0.0 - Cross Site Scripting (XSS) vulnerability — Gianism 5.9 Medium2025-09-22
CVE-2025-58271 WordPress AnyClip Luminous Studio Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — AnyClip Luminous Studio 5.9 Medium2025-09-22
CVE-2025-58646 WordPress Mobi2Go Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability — Mobi2Go 5.9 Medium2025-09-22
CVE-2025-58645 WordPress Gravitate Automated Tester Plugin <= 1.4.5 - Cross Site Scripting (XSS) Vulnerability — Gravitate Automated Tester 5.9 Medium2025-09-22
CVE-2025-58647 WordPress Simple Restaurant Menu Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability — Simple Restaurant Menu 5.9 Medium2025-09-22
CVE-2025-58648 WordPress Simple JWT Login plugin <= 3.6.4 - Cross Site Scripting (XSS) vulnerability — Simple JWT Login 6.5 Medium2025-09-22
CVE-2025-58651 WordPress PlayerJS Plugin <= 2.24 - Cross Site Scripting (XSS) Vulnerability — PlayerJS 6.5 Medium2025-09-22
CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability — Carousel Ultimate 6.5 Medium2025-09-22
CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability — JSM file_get_contents() Shortcode 6.5 Medium2025-09-22
CVE-2025-58654 WordPress xili-language Plugin <= 2.21.3 - Cross Site Scripting (XSS) Vulnerability — xili-language 6.5 Medium2025-09-22
CVE-2025-58655 WordPress Category Featured Images Plugin <= 1.1.8 - Cross Site Scripting (XSS) Vulnerability — Category Featured Images 5.9 Medium2025-09-22
CVE-2025-58658 WordPress Proof Factor – Social Proof Notifications Plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability — Proof Factor – Social Proof Notifications 5.9 Medium2025-09-22
CVE-2025-58661 WordPress eZee Online Hotel Booking Engine Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability — eZee Online Hotel Booking Engine 5.9 Medium2025-09-22
CVE-2025-58665 WordPress Form Generator for WordPress Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability — Form Generator for WordPress 5.9 Medium2025-09-22
CVE-2025-58669 WordPress Magento 2 WordPress Integration plugin <= 1.4.2.1 - Cross Site Scripting (XSS) vulnerability — Magento 2 WordPress Integration 5.9 Medium2025-09-22
CVE-2025-58671 WordPress Auction Feed plugin <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerability — Auction Feed 7.1 High2025-09-22
CVE-2025-58682 WordPress Kama Click Counter plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability — Kama Click Counter 6.5 Medium2025-09-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.