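CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')). AI Chinese analysis included.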

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58630 | WordPress Simple Matomo Tracking Code Plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability — Simple Matomo Tracking Code | 5.9 | Medium | 2025-09-03 |
| CVE-2025-58626 | WordPress RumbleTalk Live Group Chat Plugin <= 6.3.5 - Cross Site Scripting (XSS) Vulnerability — RumbleTalk Live Group Chat | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58625 | WordPress WP Flow Plus Plugin <= 5.2.5 - Cross Site Scripting (XSS) Vulnerability — WP Flow Plus | 5.9 | Medium | 2025-09-03 |
| CVE-2025-58624 | WordPress Exchange Rates Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability — Exchange Rates | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58623 | WordPress Event Feed for Eventbrite Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability — Event Feed for Eventbrite | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58620 | WordPress PDF for WPForms Plugin <= 6.2.1 - Cross Site Scripting (XSS) Vulnerability — PDF for WPForms | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58621 | WordPress PuzzleMe for WordPress Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability — PuzzleMe for WordPress | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58618 | WordPress Pie Calendar Plugin <= 1.2.8 - Cross Site Scripting (XSS) Vulnerability — Pie Calendar | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58614 | WordPress Tooltipy Plugin <= 5.5.6 - Cross Site Scripting (XSS) Vulnerability — Tooltipy | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58612 | WordPress PropertyHive Plugin <= 2.1.5 - Cross Site Scripting (XSS) Vulnerability — PropertyHive | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58610 | WordPress Gallery PhotoBlocks Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability — Gallery PhotoBlocks | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58609 | WordPress Latest Post Shortcode Plugin <= 14.0.3 - Cross Site Scripting (XSS) Vulnerability — Latest Post Shortcode | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58607 | WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability — Cookie Notice & Consent Banner for GDPR & CCPA Compliance | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58605 | WordPress WP Delicious Plugin <= 1.8.7 - Cross Site Scripting (XSS) Vulnerability — WP Delicious | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58602 | WordPress If-So Dynamic Content Personalization Plugin <= 1.9.4 - Cross Site Scripting (XSS) Vulnerability — If-So Dynamic Content Personalization | 6.5 | Medium | 2025-09-03 |
| CVE-2025-58596 | WordPress MailOptin Plugin <= 1.2.75.0 - Cross Site Scripting (XSS) Vulnerability — MailOptin | 5.9 | Medium | 2025-09-03 |
| CVE-2025-58593 | WordPress Orbit Fox by ThemeIsle Plugin <= 3.0.0 - Cross Site Scripting (XSS) Vulnerability — Orbit Fox by ThemeIsle | 6.5 | Medium | 2025-09-03 |
| CVE-2025-9823 | Reflected XSS in lead:addLeadTags - Quick Add — Mautic | 6.1 (AI) | Medium (AI) | 2025-09-03 |
| CVE-2025-0878 | XSS in Akinsoft's LimonDesk — LimonDesk | 4.7 | Medium | 2025-09-03 |
| CVE-2024-13064 | XSS in Akinsoft's MyRezzta — MyRezzta | 4.3 | Medium | 2025-09-03 |
| CVE-2025-9378 | Vayu Blocks <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Block Attributes — Vayu Blocks – Website Builder for the Block Editor | 6.4 | Medium | 2025-09-03 |
| CVE-2025-58351 | Outline's Local File Storage Feature can Cause CSP Bypass — outline | 6.8 | Medium | 2025-09-03 |
| CVE-2025-9845 | code-projects Fruit Shop Management System products.php cross site scripting — Fruit Shop Management System | 3.5 | Low | 2025-09-03 |
| CVE-2025-9834 | PHPGurukul Small CRM registration.php cross site scripting — Small CRM | 3.5 | Low | 2025-09-02 |
| CVE-2024-12974 | XSS in Akinsoft's ProKuaför — ProKuaför | 4.3 | Medium | 2025-09-02 |
| CVE-2024-12972 | XSS in Akinsoft's OctoCloud — OctoCloud | 4.3 | Medium | 2025-09-02 |
| CVE-2025-9796 | thinkgem JeeSite EncodeUtils.java decodeUrl2 cross site scripting — JeeSite | 3.5 | Low | 2025-09-01 |
| CVE-2025-0656 | IBM Concert Software cross-site scripting — Concert Software | 6.1 | Medium | 2025-09-01 |
| CVE-2025-33082 | IBM Concert Software cross-site scripting — Concert Software | 5.4 | Medium | 2025-09-01 |
| CVE-2025-33083 | IBM Concert Software cross-site scripting — Concert Software | 5.4 | Medium | 2025-09-01 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) account for 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.