Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-46998 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience Manager 5.4 Medium2025-08-20
CVE-2025-9233 Scada-LTS view_edit.shtm cross site scripting — Scada-LTS 3.5 Low2025-08-20
CVE-2025-54175 Reflected Cross-Site Scripting in QuickCMS.EXT — Quick.CMS.EXT 6.1AIMediumAI2025-08-20
CVE-2025-54172 Stored Cross-Site Scripting in QuickCMS — Quick.CMS 4.8AIMediumAI2025-08-20
CVE-2025-43741 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 5.4AIMediumAI2025-08-20
CVE-2025-43742 Liferay Portal和Liferay DXP 跨站脚本漏洞 — Portal 6.1AIMediumAI2025-08-20
CVE-2025-57731 JetBrains YouTrack 跨站脚本漏洞 — YouTrack 8.7 High2025-08-20
CVE-2025-49389 WordPress Notice Bar Plugin <= 3.1.3 - Cross Site Scripting (XSS) Vulnerability — Notice Bar 6.5 Medium2025-08-20
CVE-2025-49392 WordPress Themify Audio Dock Plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability — Themify Audio Dock 5.9 Medium2025-08-20
CVE-2025-49395 WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability — Themify Icons 6.5 Medium2025-08-20
CVE-2025-49397 WordPress Colorbox Lightbox Plugin <= 1.1.5 - Cross Site Scripting (XSS) Vulnerability — Colorbox Lightbox 6.5 Medium2025-08-20
CVE-2025-49400 WordPress WP Visitor Statistics (Real Time Traffic) Plugin <= 8.2 - Cross Site Scripting (XSS) Vulnerability — WP Visitor Statistics (Real Time Traffic) 9.8 Critical2025-08-20
CVE-2025-28977 WordPress WP Pipes Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability — WP Pipes 7.1 High2025-08-20
CVE-2025-49409 WordPress SensorPress plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — SensorPress 9.8 Critical2025-08-20
CVE-2025-49410 WordPress TC Testimonials plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — TC Testimonials 10.0 Critical2025-08-20
CVE-2025-49412 WordPress Page Transition plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability — Page Transition 5.9 Medium2025-08-20
CVE-2025-49411 WordPress iFrame Block plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability — iFrame Block 7.1 High2025-08-20
CVE-2025-49420 WordPress Ultra Portfolio - WordPress Plugin <= 6.7 - Cross Site Scripting (XSS) Vulnerability — Ultra Portfolio 7.1 High2025-08-20
CVE-2025-49413 WordPress Super Store Finder Plugin <= 7.6 - Reflected Cross Site Scripting (XSS) Vulnerability — Super Store Finder 7.1 High2025-08-20
CVE-2025-49424 WordPress Support Ticket Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability — Support Ticket 7.1 High2025-08-20
CVE-2025-49428 WordPress Cookie Warning plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability — Cookie Warning 7.5 High2025-08-20
CVE-2025-49893 WordPress Nuss Theme <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — Nuss 7.1 High2025-08-20
CVE-2025-48152 WordPress Rentsyst Plugin <= 2.0.100 - Cross Site Scripting (XSS) Vulnerability — Rentsyst 7.1 High2025-08-20
CVE-2025-48151 WordPress CM Map Locations <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability — CM Map Locations 7.1 High2025-08-20
CVE-2025-48154 WordPress Multimedia Playlist Slider Addon for WPBakery Page Builder Plugin <= 2.1 - Cross Site Scripting (XSS) Vulnerability — Multimedia Playlist Slider Addon for WPBakery Page Builder 7.1 High2025-08-20
CVE-2025-48159 WordPress Youtube Vimeo Video Player and Slider WP Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability — Youtube Vimeo Video Player and Slider WP Plugin 7.1 High2025-08-20
CVE-2025-48163 WordPress SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support <= 3.5.4 - Cross Site Scripting (XSS) Vulnerability — SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support 7.1 High2025-08-20
CVE-2025-48162 WordPress Simple Business Directory Pro <= 15.5.1 - Cross Site Scripting (XSS) Vulnerability — Simple Business Directory Pro 7.1 High2025-08-20
CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability — Apollo - Sticky Full Width HTML5 Audio Player 7.1 High2025-08-20
CVE-2025-48170 WordPress Universal Video Player - Addon for WPBakery Page Builder <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability — Universal Video Player - Addon for WPBakery Page Builder 7.1 High2025-08-20

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.