CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21534

21534 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-5765	code-projects Laundry System edit_laundry.php cross site scripting — Laundry System	3.5	Low	2025-06-06
CVE-2025-5764	code-projects Laundry System insert_laundry.php cross site scripting — Laundry System	3.5	Low	2025-06-06
CVE-2025-41367	Stored Cross-Site Scripting (XSS) vulnerability in IDF and ZLF — IDF and ZLF	5.4^AI	Medium^AI	2025-06-06
CVE-2025-41364	Stored Cross-Site Scripting (XSS) vulnerability in IDF and ZLF — IDF and ZLF	5.4^AI	Medium^AI	2025-06-06
CVE-2025-48329	WordPress Real Time Validation for Gravity Forms plugin <= 1.7.0 - Reflected Cross Site Scripting (XSS) vulnerability — Real Time Validation for Gravity Forms	7.1	High	2025-06-06
CVE-2025-49076	WordPress The Plus Addons for Elementor Page Builder Lite plugin <= 6.2.7 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder Lite	6.5	Medium	2025-06-06
CVE-2025-49075	WordPress Wishlist plugin <= 1.0.43 - Cross Site Scripting (XSS) vulnerability — Wishlist	6.5	Medium	2025-06-06
CVE-2025-49074	WordPress WidgetKit plugin <= 2.5.4 - Cross Site Scripting (XSS) vulnerability — WidgetKit	6.5	Medium	2025-06-06
CVE-2025-49068	WordPress Ocean Extra plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability — Ocean Extra	6.5	Medium	2025-06-06
CVE-2025-49067	WordPress Nasa Core plugin < 6.4.1 - Cross Site Scripting (XSS) vulnerability — Nasa Core	6.5	Medium	2025-06-06
CVE-2025-5239	Domain For Sale <= 3.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter — Domain For Sale – Sell Domains with Landing Pages, Offers & Inquiries	6.4	Medium	2025-06-06
CVE-2025-5757	code-projects Traffic Offense Reporting System save-reported.php cross site scripting — Traffic Offense Reporting System	3.5	Low	2025-06-06
CVE-2025-5565	Hide It <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Hide It	6.4	Medium	2025-06-06
CVE-2025-5541	Runners Log <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Runners Log	6.4	Medium	2025-06-06
CVE-2025-5538	BNS Featured Category <= 2.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — BNS Featured Category	6.4	Medium	2025-06-06
CVE-2025-5703	StageShow <= 10.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via anchor Parameter — StageShow	6.4	Medium	2025-06-06
CVE-2025-5536	Freemind Viewer <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Freemind Viewer	6.4	Medium	2025-06-06
CVE-2025-5586	WordPress Ajax Load More and Infinite Scroll <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — WordPress Ajax Load More and Infinite Scroll	6.4	Medium	2025-06-06
CVE-2025-5699	Developer Formatter <= 2015.0.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Custom CSS — Developer Formatter	5.5	Medium	2025-06-06
CVE-2025-5534	ESV Bible Shortcode for WordPress <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — ESV Bible Shortcode for WordPress	6.4	Medium	2025-06-06
CVE-2025-5533	Knowledge Base <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Knowledge Base	6.4	Medium	2025-06-06
CVE-2025-5727	SourceCodester Student Result Management System Announcement Page announcement cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5726	SourceCodester Student Result Management System Division System Page division-system cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5725	SourceCodester Student Result Management System Grading System Page grading-system cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5724	SourceCodester Student Result Management System Subjects Page subjects cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5723	SourceCodester Student Result Management System Classes Page classes cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5722	SourceCodester Student Result Management System Add Academic Term terms cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5721	SourceCodester Student Result Management System Profile Setting Page update_profile cross site scripting — Student Result Management System	2.4	Low	2025-06-06
CVE-2025-5713	SoluçõesCoop iSoluçõesWEB Flow fluxos-dashboard cross site scripting — iSoluçõesWEB	3.5	Low	2025-06-06
CVE-2025-5661	code-projects Traffic Offense Reporting System Setting save-settings.php cross site scripting — Traffic Offense Reporting System	2.4	Low	2025-06-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21534