Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-49321 WordPress Eventin plugin <= 4.0.28 - Cross Site Scripting (XSS) Vulnerability — Eventin 7.1 High2025-06-27
CVE-2025-50052 WordPress Flexo Counter plugin <= 1.0001 - Cross Site Scripting (XSS) Vulnerability — Flexo Counter 7.1 High2025-06-27
CVE-2025-52727 WordPress CSS3 Vertical Web Pricing Tables plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability — CSS3 Vertical Web Pricing Tables 7.1 High2025-06-27
CVE-2025-52774 WordPress Infility Global plugin <= 2.15.06 - Cross Site Scripting (XSS) vulnerability — Infility Global 7.1 High2025-06-27
CVE-2025-52778 WordPress xili-dictionary plugin <= 2.12.5.2 - Cross Site Scripting (XSS) Vulnerability — xili-dictionary 7.1 High2025-06-27
CVE-2025-52799 WordPress LMS theme <= 9.2 - Reflected Cross Site Scripting (XSS) Vulnerability — LMS 7.1 High2025-06-27
CVE-2025-23973 WordPress SpecFit-Virtual Try On Woocommerce plugin <= 8.0.3 - Cross Site Scripting (XSS) vulnerability — SpecFit-Virtual Try On Woocommerce 7.1 High2025-06-27
CVE-2025-49423 WordPress Bulk YouTube Post Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Bulk YouTube Post Creator 7.1 High2025-06-27
CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI — Ninja Forms – The Contact Form Builder That Grows With You 6.4 Medium2025-06-27
CVE-2025-5940 Osom Blocks <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter — Osom Blocks 6.4 Medium2025-06-27
CVE-2025-6550 The Pack Elementor addon <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — The Pack Elementor addon 6.4 Medium2025-06-27
CVE-2025-4587 A/B Testing for WordPress <= 1.18.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — A/B Testing for WordPress 6.4 Medium2025-06-27
CVE-2025-6689 FL3R Accessibility Suite <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via fl3raccessibilitysuite Shortcode — FL3R Accessibility Suite 6.4 Medium2025-06-27
CVE-2025-6488 isMobile <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via device Parameter — isMobile() Shortcode for WordPress 6.4 Medium2025-06-27
CVE-2025-53121 Stored XSS in multiple 33.0.8files in opennms/opennms — Horizon 5.4AIMediumAI2025-06-26
CVE-2025-6700 Xuxueli xxl-sso login cross site scripting — xxl-sso 4.3 Medium2025-06-26
CVE-2025-6699 LabRedesCefetRJ WeGIA Cadastro de Funcionário cadastro_funcionario.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-6698 LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoSaida.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-6697 LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoEntrada.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-52902 File Browser has Stored Cross-Site Scripting vulnerability — filebrowser 7.6 High2025-06-26
CVE-2025-6696 LabRedesCefetRJ WeGIA Cadastro de Atendio Cadastro_Atendido.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-6677 Paragraphs table - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-084 — Paragraphs table 6.1AIMediumAI2025-06-26
CVE-2025-6676 Simple XML sitemap - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-083 — Simple XML sitemap 6.1AIMediumAI2025-06-26
CVE-2025-6674 CKEditor5 Youtube - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-081 — CKEditor5 Youtube 6.1AIMediumAI2025-06-26
CVE-2025-5682 Klaro Cookie & Consent Management - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-080 — Klaro Cookie & Consent Management 6.1AIMediumAI2025-06-26
CVE-2025-48922 GLightbox - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-078 — GLightbox 6.1AIMediumAI2025-06-26
CVE-2025-48923 Toc.js - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-077 — Toc.js 6.1AIMediumAI2025-06-26
CVE-2025-6695 LabRedesCefetRJ WeGIA Additional Categoria adicionar_categoria.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-6694 LabRedesCefetRJ WeGIA Adicionar Unidade adicionar_unidade.php cross site scripting — WeGIA 3.5 Low2025-06-26
CVE-2025-5966 Stored XSS — Exchange Reporter Plus 8.1 High2025-06-26

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.