Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53579 WordPress Captcha.eu Plugin < 1.0.61 - Cross Site Scripting (XSS) Vulnerability — Captcha.eu 7.1 High2025-08-28
CVE-2025-53289 WordPress Theme Blvd Widget Areas Plugin <= 1.3.0 - Cross Site Scripting (XSS) Vulnerability — Theme Blvd Widget Areas 7.1 High2025-08-28
CVE-2025-53224 WordPress NextGEN Gallery Search Plugin <= 2.12 - Cross Site Scripting (XSS) Vulnerability — NextGEN Gallery Search 7.1 High2025-08-28
CVE-2025-53225 WordPress e-Boekhouden.nl Plugin <= 1.9.3 - Cross Site Scripting (XSS) Vulnerability — e-Boekhouden.nl 7.1 High2025-08-28
CVE-2025-53223 WordPress Theme Switcher Reloaded Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — Theme Switcher Reloaded 7.1 High2025-08-28
CVE-2025-53220 WordPress XmasB Quotes Plugin <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability — XmasB Quotes 7.1 High2025-08-28
CVE-2025-53215 WordPress Yahoo! WebPlayer Plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability — Yahoo! WebPlayer 7.1 High2025-08-28
CVE-2025-49407 WordPress Houzez Theme <= 4.1.1 - Cross Site Scripting (XSS) Vulnerability — Houzez 8.8 High2025-08-28
CVE-2025-48365 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability — Custom Comment 5.9 Medium2025-08-28
CVE-2025-48360 WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability — Varnish/Nginx Proxy Caching 5.9 Medium2025-08-28
CVE-2025-48358 WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Risk Free Cash On Delivery (COD) – WooCommerce 5.9 Medium2025-08-28
CVE-2025-48356 WordPress Kanpress plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability — Kanpress 6.5 Medium2025-08-28
CVE-2025-48354 WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability — Better Post & Filter Widgets for Elementor 6.5 Medium2025-08-28
CVE-2025-48352 WordPress Yandex Site search pinger plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — Yandex Site search pinger 5.9 Medium2025-08-28
CVE-2025-48349 WordPress Video Gallery – Vimeo and YouTube Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability — Video Gallery – Vimeo and YouTube Gallery 6.5 Medium2025-08-28
CVE-2025-48347 WordPress bxSlider integration for WordPress plugin <= 1.7.2 - Cross Site Scripting (XSS) vulnerability — bxSlider integration for WordPress 6.5 Medium2025-08-28
CVE-2025-48323 WordPress Advance Food Menu plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Advance Food Menu 5.9 Medium2025-08-28
CVE-2025-48324 WordPress tli.tl auto Twitter poster plugin <= 3.4 - Cross Site Scripting (XSS) vulnerability — tli.tl auto Twitter poster 5.9 Medium2025-08-28
CVE-2025-48322 WordPress Statify Widget plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability — Statify Widget 6.5 Medium2025-08-28
CVE-2025-48319 WordPress Mesa Mesa Reservation Widget plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Mesa Mesa Reservation Widget 5.9 Medium2025-08-28
CVE-2025-48316 WordPress Responsive Mobile-Friendly Tooltip plugin <= 1.6.6 - Cross Site Scripting (XSS) vulnerability — Responsive Mobile-Friendly Tooltip 6.5 Medium2025-08-28
CVE-2025-48315 WordPress WordPress HTML plugin <= 0.51 - Cross Site Scripting (XSS) vulnerability — WordPress HTML 6.5 Medium2025-08-28
CVE-2025-48314 WordPress Add Code To Head plugin <= 1.17 - Cross Site Scripting (XSS) vulnerability — Add Code To Head 5.9 Medium2025-08-28
CVE-2025-48312 WordPress WPAvatar plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability — WPAvatar 6.5 Medium2025-08-28
CVE-2025-48313 WordPress Tripadvisor Shortcode plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability — Tripadvisor Shortcode 5.9 Medium2025-08-28
CVE-2025-48305 WordPress Goal Tracker for Patreon plugin <= 0.4.6 - Cross Site Scripting (XSS) vulnerability — Goal Tracker for Patreon 5.9 Medium2025-08-28
CVE-2025-48110 WordPress Link View plugin <= 0.8.0 - Cross Site Scripting (XSS) vulnerability — Link View 6.5 Medium2025-08-28
CVE-2025-55175 Reflected XSS in QuickCMS — QuickCMS 4.8AIMediumAI2025-08-28
CVE-2025-54544 Stored XSS in QuickCMS — QuickCMS 4.8AIMediumAI2025-08-28
CVE-2025-54543 Stored XSS in QuickCMS — QuickCMS 4.8AIMediumAI2025-08-28

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.