Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-58683 WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability — Last Updated Shortcode 6.5 Medium2025-09-22
CVE-2025-58684 WordPress Logo Showcase plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability — Logo Showcase 6.5 Medium2025-09-22
CVE-2025-58689 WordPress Tapfiliate Plugin <= 3.2.2 - Cross Site Scripting (XSS) Vulnerability — Tapfiliate 6.5 Medium2025-09-22
CVE-2025-58691 WordPress Genesis Club Lite Plugin <= 1.17 - Cross Site Scripting (XSS) Vulnerability — Genesis Club Lite 6.5 Medium2025-09-22
CVE-2025-58702 WordPress MarketKing Plugin <= 2.0.92 - Cross Site Scripting (XSS) Vulnerability — MarketKing 6.5 Medium2025-09-22
CVE-2025-58704 WordPress WP Delete User Accounts Plugin <= 1.2.4 - Cross Site Scripting (XSS) Vulnerability — WP Delete User Accounts 6.5 Medium2025-09-22
CVE-2025-58703 WordPress Skyword API Plugin Plugin <= 2.5.3 - Cross Site Scripting (XSS) Vulnerability — Skyword API Plugin 6.5 Medium2025-09-22
CVE-2025-43807 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 5.4AIMediumAI2025-09-22
CVE-2025-59412 CubeCart Vulnerable to HTML Injection in Product Reviews Allows Malicious Links and Defacement — v6 5.4 Medium2025-09-22
CVE-2025-59411 CubeCart Stored/Reflected HTML Injection Vulnerability in Contact Enquiry — v6 5.4 Medium2025-09-22
CVE-2025-10794 PHPGurukul Car Rental Project search.php cross site scripting — Car Rental Project 4.3 Medium2025-09-22
CVE-2025-9035 Reflected XSS in Horato Internet Technologies' Virtual Library Platform — Virtual Library Platform 5.4 Medium2025-09-22
CVE-2025-8079 Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce — Smart Trade E-Commerce 4.6 Medium2025-09-22
CVE-2025-53692 Sitecore Experience Platform Cross-Site Scripting Vulnerability — Sitecore Experience Manager (XM) 7.1 High2025-09-21
CVE-2025-10758 htmly Custom Field post cross site scripting — htmly 2.4 Low2025-09-21
CVE-2025-10181 Draft List <= 2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Draft List 6.4 Medium2025-09-20
CVE-2025-26514 CVE-2025-26514 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID 6.4 Medium2025-09-19
CVE-2025-36248 IBM Copy Services Manager cross-site scripting — Copy Services Manager 6.1 Medium2025-09-19
CVE-2025-8664 XSS in Saysis Computer Systems' StarCities — StarCities E-Municipality Management 6.3 Medium2025-09-19
CVE-2025-10711 07FLYCMS/07FLY-CMS/07FlyCRM Login cross site scripting — 07FLYCMS 4.3 Medium2025-09-19
CVE-2025-10710 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting — 07FLYCMS 4.3 Medium2025-09-19
CVE-2025-9969 Reflected XSS in Vizly Web Design's Real Estate Packages — Real Estate Packages 7.1 High2025-09-19
CVE-2025-10146 Download Manager <= 3.3.23 - Reflected Cross-Site Scripting via `user_ids` Parameter — Download Manager 6.1 Medium2025-09-19
CVE-2025-59712 Snipe-IT 跨站脚本漏洞 — Snipe-IT 6.4 Medium2025-09-19
CVE-2025-59715 SMSEagle 跨站脚本漏洞 — SMSEagle 4.8 Medium2025-09-19
CVE-2025-59424 LinkAce Vulnerable to Stored XSS on the Audit Page — LinkAce 7.3 High2025-09-18
CVE-2025-36139 IBM watsonx.data cross-site scripting — watsonx.data 5.5 Medium2025-09-18
CVE-2025-59417 Lobe Chat Desktop Vulnerable to Remote Code Execution via XSS in Chat Messages — lobe-chat 8.2AIHighAI2025-09-18
CVE-2025-9992 Ghost Kit <= 3.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ghost Kit – Page Builder Blocks, Motion Effects & Extensions 6.4 Medium2025-09-18
CVE-2025-0547 XSS in Mikrogrup's Bizmu — Bizmu 4.7 Medium2025-09-18

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.