CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-32516	WordPress Related Videos for JW Player plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Related Videos for JW Player	7.1	High	2025-04-17
CVE-2025-32515	WordPress Terminal Africa plugin <= 1.13.24 - Cross Site Scripting (XSS) vulnerability — Terminal Africa	7.1	High	2025-04-17
CVE-2025-32520	WordPress WordPress Health and Server Condition plugin <= 4.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress Health and Server Condition – Integrated with Google Page Speed	7.1	High	2025-04-17
CVE-2025-32521	WordPress Cool Flipbox plugin <= 1.8.3 - Reflected Cross Site Scripting (XSS) vulnerability — Cool Flipbox – Shortcode & Gutenberg Block	7.1	High	2025-04-17
CVE-2025-32522	WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — License Manager for WooCommerce	7.1	High	2025-04-17
CVE-2025-32526	WordPress Zephyr Project Manager plugin <= 3.3.101 - Cross Site Scripting (XSS) vulnerability — Zephyr Project Manager	7.1	High	2025-04-17
CVE-2025-32527	WordPress T&P Gallery Slider plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability — T&P Gallery Slider	7.1	High	2025-04-17
CVE-2025-32528	WordPress iCal Feeds Plugin <= 1.5.3 - Reflected Cross Site Scripting (XSS) vulnerability — iCal Feeds	7.1	High	2025-04-17
CVE-2025-32529	WordPress iONE360 configurator plugin <= 2.0.57 - Reflected Cross Site Scripting (XSS) vulnerability — iONE360 configurator	7.1	High	2025-04-17
CVE-2025-32530	WordPress Wallet System for WooCommerce plugin <= 2.6.8 - Reflected Cross Site Scripting (XSS) vulnerability — Wallet System for WooCommerce	7.1	High	2025-04-17
CVE-2025-32531	WordPress Arconix FAQ plugin <= 1.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — Arconix FAQ	7.1	High	2025-04-17
CVE-2025-32533	WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability — Deliver via Shipos for WooCommerce	7.1	High	2025-04-17
CVE-2025-32532	WordPress UXsniff plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability — UXsniff	7.1	High	2025-04-17
CVE-2025-32535	WordPress DN Shipping by Weight for WooCommerce Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability — DN Shipping by Weight for WooCommerce	7.1	High	2025-04-17
CVE-2025-32540	WordPress Feedify – Web Push Notifications plugin <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability — Feedify – Web Push Notifications	7.1	High	2025-04-17
CVE-2025-32548	WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Hamburger Icon Menu Lite	7.1	High	2025-04-17
CVE-2025-32552	WordPress MSRP (RRP) Pricing for WooCommerce Plugin <= 1.8.1 - Reflected Cross Site Scripting (XSS) vulnerability — MSRP (RRP) Pricing for WooCommerce	7.1	High	2025-04-17
CVE-2025-32554	WordPress Raptive Ads plugin <= 3.7.3 - Reflected Cross Site Scripting (XSS) vulnerability — Raptive Ads	7.1	High	2025-04-17
CVE-2025-32560	WordPress WP-Hijri Plugin <= 1.5.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP-Hijri	7.1	High	2025-04-17
CVE-2025-32557	WordPress WP Featured Screenshot Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP Featured Screenshot	7.1	High	2025-04-17
CVE-2025-32561	WordPress WP_DEBUG Toggle plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP_DEBUG Toggle	7.1	High	2025-04-17
CVE-2025-32564	WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability — Stop Registration Spam	7.1	High	2025-04-17
CVE-2025-32562	WordPress WP Easy Poll Plugin <= 2.2.9 - Reflected Cross Site Scripting (XSS) vulnerability — WP Easy Poll	7.1	High	2025-04-17
CVE-2025-32566	WordPress License For Envato Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — License For Envato	7.1	High	2025-04-17
CVE-2025-32578	WordPress Coming Soon Countdown Plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability — Coming Soon Countdown	7.1	High	2025-04-17
CVE-2025-32582	WordPress WP AutoKeyword Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — WP AutoKeyword	7.1	High	2025-04-17
CVE-2025-32588	WordPress Credova_Financial plugin <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability — Credova_Financial	7.1	High	2025-04-17
CVE-2025-32592	WordPress TableOn Plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability — TableOn	7.1	High	2025-04-17
CVE-2025-32590	WordPress Web2application Plugin <= 6.1 - Reflected Cross Site Scripting (XSS) vulnerability — Web2application	7.1	High	2025-04-17
CVE-2025-32602	WordPress WooMS Plugin <= 9.12 - Reflected Cross Site Scripting (XSS) vulnerability — WooMS	7.1	High	2025-04-17

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535