Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-57703 Reflected Cross-site Scripting in DIAEnergie — DIAEnergie 6.1 -2025-08-18
CVE-2025-57702 Reflected Cross-site Scripting in DIAEnergie — DIAEnergie 6.1 -2025-08-18
CVE-2025-57701 Reflected Cross-site Scripting in DIAEnergie — DIAEnergie 6.1 -2025-08-18
CVE-2025-57700 Stored Cross-site Scripting in DIAEnergie — DIAEnergie 5.4 -2025-08-18
CVE-2025-9107 Portabilis i-Diario search_autocomplete cross site scripting — i-Diario 4.3 Medium2025-08-18
CVE-2025-9106 Portabilis i-Diario Informações Adicionais /planos-de-ensino-por-disciplina cross site scripting — i-Diario 3.5 Low2025-08-18
CVE-2025-9105 Portabilis i-Diario Informações Adicionais /planos-de-ensino-por-areas-de-conhecimento cross site scripting — i-Diario 3.5 Low2025-08-18
CVE-2025-9104 Portabilis i-Diario Informações Adicionais /planos-de-aulas-por-disciplina cross site scripting — i-Diario 3.5 Low2025-08-18
CVE-2025-9103 ZenCart CKEditor cross site scripting — ZenCart 2.4 Low2025-08-18
CVE-2025-9101 zhenfeng13 My-Blog Tag save cross site scripting — My-Blog 3.5 Low2025-08-18
CVE-2025-9096 ExpressGateway express-gateway REST Endpoint apps.js cross site scripting — express-gateway 3.5 Low2025-08-17
CVE-2025-9095 ExpressGateway express-gateway REST Endpoint users.js cross site scripting — express-gateway 3.5 Low2025-08-17
CVE-2025-8143 Soledad <= 8.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'pcsml_smartlists_h' — Soledad 6.4 Medium2025-08-16
CVE-2025-8719 Translate This - Google Translate Web Element Shortcode <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via base_lang Parameter — Translate This gTranslate Shortcode 6.4 Medium2025-08-16
CVE-2025-8089 Advanced iFrame <= 2025.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Advanced iFrame 5.4 Medium2025-08-16
CVE-2025-8896 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting — User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor 6.4 Medium2025-08-16
CVE-2025-8293 Intl DateTime Calendar <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via date Parameter — Intl DateTime Calendar 6.4 Medium2025-08-16
CVE-2025-7439 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link — Anber Elementor Addon 6.4 Medium2025-08-16
CVE-2025-7440 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Carousel button link — Anber Elementor Addon 6.4 Medium2025-08-16
CVE-2025-7649 Surbma | Recent Comments Shortcode <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Surbma | Recent Comments Shortcode 6.4 Medium2025-08-16
CVE-2025-7651 Earnware Connect <= 1.0.74 - Authenticated (Contributor+) Stored Cross-Site Scripting — Earnware Connect 6.4 Medium2025-08-16
CVE-2025-6221 Embed Bokun <= 0.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Parameter — Embed Bokun 6.4 Medium2025-08-16
CVE-2025-36088 IBM TS4500 cross-site scripting — Storage TS4500 Library 5.4 Medium2025-08-15
CVE-2025-8362 GoogleTag Manager - Moderately critical - Cross-site scripting - SA-CONTRIB-2025-094 — GoogleTag Manager 6.1AIMediumAI2025-08-15
CVE-2025-8092 COOKiES Consent Management - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-092 — COOKiES Consent Management 6.1AIMediumAI2025-08-15
CVE-2025-49898 WordPress Dropshix plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability — Dropshix 7.6 High2025-08-15
CVE-2025-55203 Plane Stored XSS in Add Work Item Functionality — plane 5.4 Medium2025-08-15
CVE-2025-5844 Radius Blocks <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via subHeadingTagName Parameter — Radius Blocks – WordPress Gutenberg Blocks 6.4 Medium2025-08-15
CVE-2025-8720 Plugin README Parser <= 1.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via target Parameter — Plugin README Parser 6.4 Medium2025-08-15
CVE-2025-8080 Alobaidi Captcha <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings — Alobaidi Captcha 4.4 Medium2025-08-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.