Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-27289 WordPress Restrict Taxonomies Plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability — Restrict Taxonomies 7.1 High2025-04-17
CVE-2025-27291 WordPress Photo Gallery – Image Gallery Plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress Photo Gallery – Image Gallery 7.1 High2025-04-17
CVE-2025-27293 WordPress Shipmozo Courier Tracking plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Shipmozo Courier Tracking 7.1 High2025-04-17
CVE-2025-27292 WordPress WPYog Documents Plugin <= 1.3.5 - Reflected Cross Site Scripting (XSS) vulnerability — WPYog Documents 7.1 High2025-04-17
CVE-2025-27295 WordPress Live css plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability — Live css 7.1 High2025-04-17
CVE-2025-27309 WordPress flickr-slideshow-wrapper Plugin <= 5.4.6 - Cross Site Scripting (XSS) vulnerability — flickr-slideshow-wrapper 7.1 High2025-04-17
CVE-2025-27308 WordPress WP Video Posts plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP Video Posts 7.1 High2025-04-17
CVE-2025-27313 WordPress Google Maps GPX Viewer Plugin <= 3.6 - Reflected Cross Site Scripting (XSS) vulnerability — Google Maps GPX Viewer 7.1 High2025-04-17
CVE-2025-27314 WordPress Kush Micro News Plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability — Kush Micro News 7.1 High2025-04-17
CVE-2025-27319 WordPress User List plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability — User List 7.1 High2025-04-17
CVE-2025-27322 WordPress QR Code for WooCommerce Plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — QR Code for WooCommerce 7.1 High2025-04-17
CVE-2025-27324 WordPress 17TRACK for WooCommerce Plugin <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability — 17TRACK for WooCommerce 7.1 High2025-04-17
CVE-2025-27333 WordPress Protected wp-login Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Protected wp-login 7.1 High2025-04-17
CVE-2025-27337 WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — Fontsampler 7.1 High2025-04-17
CVE-2025-27343 WordPress WooCommerce HTML5 Video Plugin <= 1.7.10 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce HTML5 Video 7.1 High2025-04-17
CVE-2025-27338 WordPress List Urls Plugin <= 0.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — List Urls 7.1 High2025-04-17
CVE-2025-27345 WordPress Booking Ultra Pro Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability — Booking Ultra Pro 7.1 High2025-04-17
CVE-2025-27346 WordPress Rebuild Permalinks Plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability — Rebuild Permalinks 7.1 High2025-04-17
CVE-2025-27354 WordPress Simple Email Subscriber plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability — Simple Email Subscriber 7.1 High2025-04-17
CVE-2025-31018 WordPress FireDrum Email Marketing plugin <= 1.64 - Reflected Cross Site Scripting (XSS) vulnerability — FireDrum Email Marketing 7.1 High2025-04-17
CVE-2025-31006 WordPress Activity Reactions For Buddypress plugin <= 1.0.22 - Reflected Cross Site Scripting (XSS) vulnerability — Activity Reactions For Buddypress 7.1 High2025-04-17
CVE-2025-32490 WordPress wp secure plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability — wp secure 7.1 High2025-04-17
CVE-2025-32504 WordPress Silvasoft boekhouden plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability — Silvasoft boekhouden 7.1 High2025-04-17
CVE-2025-32506 WordPress AT Internet SmartTag plugin <= 0.2 - Reflected Cross Site Scripting (XSS) vulnerability — AT Internet SmartTag 7.1 High2025-04-17
CVE-2025-32507 WordPress Event Espresso plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Event Espresso – Custom Email Template Shortcode 7.1 High2025-04-17
CVE-2025-32511 WordPress Make Email Customizer for WooCommerce plugin <= 1.0.6 - Reflected Cross Site Scripting (XSS) vulnerability — Make Email Customizer for WooCommerce 7.1 High2025-04-17
CVE-2025-32508 WordPress Course Booking System plugin <= 6.1.2 - Reflected Cross Site Scripting (XSS) Vulnerability — Course Booking System 7.1 High2025-04-17
CVE-2025-32512 WordPress Revamp CRM for WooCommerce plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Revamp CRM for WooCommerce 7.1 High2025-04-17
CVE-2025-32513 WordPress Total processing card payments for WooCommerce plugin <= 7.1.6 - Reflected Cross Site Scripting (XSS) vulnerability — Nomupay Payment Processing Gateway 7.1 High2025-04-17
CVE-2025-32514 WordPress WooCommerce Estimate and Quote plugin <= 1.0.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Estimate and Quote 7.1 High2025-04-17

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.