CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-23988	WordPress ghostwriter theme <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Ghostwriter	7.1	High	2025-05-19
CVE-2025-23986	WordPress Tiki Time theme <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Tiki Time	7.1	High	2025-05-19
CVE-2025-23983	WordPress Tijaji theme <= 1.43 - Reflected Cross Site Scripting (XSS) vulnerability — Tijaji	7.1	High	2025-05-19
CVE-2025-23981	WordPress CarZine theme <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability — CarZine	7.1	High	2025-05-19
CVE-2025-23979	WordPress Flashy theme <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Flashy	7.1	High	2025-05-19
CVE-2025-22792	WordPress Js O3 Lite theme <= 1.5.8.2 - Reflected Cross Site Scripting (XSS) vulnerability — Js O3 Lite	7.1	High	2025-05-19
CVE-2025-22791	WordPress offset writing theme <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — offset writing	7.1	High	2025-05-19
CVE-2025-4939	PHPGurukul Credit Card Application Management System new-ccapplication.php cross site scripting — Credit Card Application Management System	4.3	Medium	2025-05-19
CVE-2025-22790	WordPress moseter theme <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability — moseter	7.1	High	2025-05-19
CVE-2025-22789	WordPress polka dots theme <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — polka dots	7.1	High	2025-05-19
CVE-2025-22687	WordPress tuaug4 theme <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Tuaug4	7.1	High	2025-05-19
CVE-2025-22678	WordPress my white theme <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerability — my white	7.1	High	2025-05-19
CVE-2025-48341	WordPress Form Maker by 10Web plugin <= 1.15.33 - Cross Site Scripting (XSS) Vulnerability — Form Maker by 10Web	5.9	Medium	2025-05-19
CVE-2025-48288	WordPress ElementInvader Addons for Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) Vulnerability — ElementInvader Addons for Elementor	6.5	Medium	2025-05-19
CVE-2025-48277	WordPress Cost Calculator Builder plugin <= 3.2.74 - Cross Site Scripting (XSS) Vulnerability — Cost Calculator Builder	5.9	Medium	2025-05-19
CVE-2025-48276	WordPress Visual Composer Website Builder plugin <= 45.11.0 - Cross Site Scripting (XSS) Vulnerability — Visual Composer Website Builder	6.5	Medium	2025-05-19
CVE-2025-48269	WordPress WPAdverts plugin <= 2.2.3 - Cross Site Scripting (XSS) Vulnerability — WPAdverts	6.5	Medium	2025-05-19
CVE-2025-48270	WordPress SKT Blocks plugin <= 2.2 - Cross Site Scripting (XSS) Vulnerability — SKT Blocks	6.5	Medium	2025-05-19
CVE-2025-48266	WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.8 - Cross Site Scripting (XSS) Vulnerability — Active Products Tables for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48263	WordPress MultiVendorX plugin <= 4.2.22 - Cross Site Scripting (XSS) Vulnerability — MultiVendorX	6.5	Medium	2025-05-19
CVE-2025-48258	WordPress Mega Menu Block plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability — Mega Menu Block	6.5	Medium	2025-05-19
CVE-2025-48256	WordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability — Import Social Events	6.5	Medium	2025-05-19
CVE-2025-48254	WordPress Change Add to Cart Button Text for WooCommerce plugin <= 2.2.2 - Cross Site Scripting (XSS) Vulnerability — Change Add to Cart Button Text for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48252	WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability — Back Button Widget	6.5	Medium	2025-05-19
CVE-2025-48253	WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.6 - Cross Site Scripting (XSS) Vulnerability — Free Shipping Bar: Amount Left for Free Shipping for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48251	WordPress Additional Custom Emails & Recipients for WooCommerce plugin <= 3.5.1 - Cross Site Scripting (XSS) Vulnerability — Additional Custom Emails & Recipients for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48250	WordPress Coupons & Add to Cart by URL Links for WooCommerce plugin <= 1.7.7 - Cross Site Scripting (XSS) Vulnerability — Coupons & Add to Cart by URL Links for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48249	WordPress EAN for WooCommerce plugin <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability — EAN for WooCommerce	6.5	Medium	2025-05-19
CVE-2025-48248	WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability — Sitewide Discount for WooCommerce: Apply Discount to All Products	6.5	Medium	2025-05-19
CVE-2025-48244	WordPress Exclusive Addons Elementor plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability — Exclusive Addons Elementor	5.9	Medium	2025-05-19

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535