CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-58871	WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — Master Paper Collapse Toggle	6.5	Medium	2025-09-05
CVE-2025-58867	WordPress Easy Download Media Counter Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability — Easy Download Media Counter	6.5	Medium	2025-09-05
CVE-2025-58868	WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability — SimaCookie	6.5	Medium	2025-09-05
CVE-2025-58864	WordPress 金数据 Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — 金数据	6.5	Medium	2025-09-05
CVE-2025-58862	WordPress WordPress Events Calendar Plugin – connectDaily Plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability — WordPress Events Calendar Plugin – connectDaily	6.5	Medium	2025-09-05
CVE-2025-58863	WordPress Zoomify embed for WP Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability — Zoomify embed for WP	6.5	Medium	2025-09-05
CVE-2025-58858	WordPress WPB Image Widget Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — WPB Image Widget	6.5	Medium	2025-09-05
CVE-2025-58857	WordPress Table of content Plugin <= 1.5.3.1 - Cross Site Request Forgery (CSRF) Vulnerability — Table of content	7.1	High	2025-09-05
CVE-2025-58851	WordPress Boxed Content Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability — Boxed Content	6.5	Medium	2025-09-05
CVE-2025-58850	WordPress Showpass WordPress Extension Plugin <= 4.0.3 - Cross Site Scripting (XSS) Vulnerability — Showpass WordPress Extension	6.5	Medium	2025-09-05
CVE-2025-58842	WordPress Donation Forms WP by Givecloud Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability — Donation Forms WP by Givecloud	6.5	Medium	2025-09-05
CVE-2025-58840	WordPress Custom Team Manager Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability — Custom Team Manager	6.5	Medium	2025-09-05
CVE-2025-58837	WordPress SS Font Awesome Icon Plugin <= 4.1.3 - Cross Site Scripting (XSS) Vulnerability — SS Font Awesome Icon	6.5	Medium	2025-09-05
CVE-2025-58838	WordPress Smooth Accordion Plugin <= 2.1 - Cross Site Scripting (XSS) Vulnerability — Smooth Accordion	6.5	Medium	2025-09-05
CVE-2025-58836	WordPress FW Anker Plugin <= 1.2.6 - Cross Site Scripting (XSS) Vulnerability — FW Anker	6.5	Medium	2025-09-05
CVE-2025-58834	WordPress short.io Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability — short.io	6.5	Medium	2025-09-05
CVE-2025-58832	WordPress Search by Google Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability — Search by Google	5.9	Medium	2025-09-05
CVE-2025-58830	WordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Scripting (XSS) Vulnerability — Parallax Scrolling Enllax.js	6.5	Medium	2025-09-05
CVE-2025-58828	WordPress 코드엠샵 소셜톡 plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability — 코드엠샵 소셜톡	6.5	Medium	2025-09-05
CVE-2025-58826	WordPress WP Publication Archive Plugin <= 3.0.1 - Cross Site Scripting (XSS) Vulnerability — WP Publication Archive	6.5	Medium	2025-09-05
CVE-2025-58825	WordPress Comment Form WP – Customize Default Comment Form plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability — Comment Form WP – Customize Default Comment Form	5.9	Medium	2025-09-05
CVE-2025-58822	WordPress WP Mail Plugin <= 1.3 - Cross Site Scripting (XSS) Vulnerability — WP Mail	6.5	Medium	2025-09-05
CVE-2025-58823	WordPress Get Cash plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability — Get Cash	6.5	Medium	2025-09-05
CVE-2025-58820	WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability — Carousel Ultimate	5.9	Medium	2025-09-05
CVE-2025-58821	WordPress WP Notification Bell plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability — WP Notification Bell	5.9	Medium	2025-09-05
CVE-2025-58814	WordPress Stagtools Plugin <= 2.3.8 - Cross Site Scripting (XSS) Vulnerability — Stagtools	6.5	Medium	2025-09-05
CVE-2025-58812	WordPress Best Restaurant Menu by PriceListo Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability — Best Restaurant Menu by PriceListo	6.5	Medium	2025-09-05
CVE-2025-58810	WordPress Simple Link List Widget Plugin <= 0.3.2 - Cross Site Scripting (XSS) Vulnerability — Simple Link List Widget	5.9	Medium	2025-09-05
CVE-2025-58811	WordPress Ultimate Client Dash Plugin <= 4.7 - Cross Site Scripting (XSS) Vulnerability — Ultimate Client Dash	5.9	Medium	2025-09-05
CVE-2025-58808	WordPress prettyPhoto Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability — prettyPhoto	6.5	Medium	2025-09-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530