Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-32604 WordPress AWSA Shipping Plugin <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability — AWSA Shipping 7.1 High2025-04-17
CVE-2025-32605 WordPress MemberPress Discord Addon Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — MemberPress Discord Addon 7.1 High2025-04-17
CVE-2025-32608 WordPress Movylo Marketing Automation Plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability — Movylo Marketing Automation 7.1 High2025-04-17
CVE-2025-32611 WordPress WooCommerce TBC Credit Card Payment Gateway (Free) Plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce TBC Credit Card Payment Gateway (Free) 7.1 High2025-04-17
CVE-2025-32609 WordPress Verowa Connect Plugin <= 3.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — Verowa Connect 7.1 High2025-04-17
CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability — Debug Log Manager 7.1 High2025-04-17
CVE-2025-32615 WordPress Clinked Client Portal Plugin <= 1.10 - Reflected Cross Site Scripting (XSS) vulnerability — Clinked Client Portal 7.1 High2025-04-17
CVE-2025-32625 WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — Mobile Pages 7.1 High2025-04-17
CVE-2025-32622 WordPress OTP-less one tap Sign in Plugin <= 2.0.58 - Reflected Cross Site Scripting (XSS) vulnerability — OTP-less one tap Sign in 7.1 High2025-04-17
CVE-2025-32630 WordPress WP-BusinessDirectory Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP-BusinessDirectory 7.1 High2025-04-17
CVE-2025-32628 WordPress Crowdfunding for WooCommerce Plugin <= 3.1.12 - Reflected Cross Site Scripting (XSS) vulnerability — Crowdfunding for WooCommerce 7.1 High2025-04-17
CVE-2025-32634 WordPress Run Contests, Raffles, and Giveaways plugin <= 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Run Contests, Raffles, and Giveaways with ContestsWP 7.1 High2025-04-17
CVE-2025-32638 WordPress ShopApper plugin <= 0.4.61 - Cross Site Scripting (XSS) vulnerability — Mobile App for WooCommerce 7.1 High2025-04-17
CVE-2025-32637 WordPress WP Donate Plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability — WP Donate 7.1 High2025-04-17
CVE-2025-32646 WordPress Question Answer plugin <= 1.2.70 - Reflected Cross Site Scripting (XSS) vulnerability — Question Answer 7.1 High2025-04-17
CVE-2025-32639 WordPress Affiliate Links plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Affiliate Links Lite 7.1 High2025-04-17
CVE-2025-32649 WordPress GB Gallery Slideshow Plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability — GB Gallery Slideshow 7.1 High2025-04-17
CVE-2025-32651 WordPress SERPed.net Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability — SERPed.net 7.1 High2025-04-17
CVE-2025-32653 WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability — Cart66 Cloud 7.1 High2025-04-17
CVE-2025-32670 WordPress Spark GF Failed Submissions plugin <= 1.3.5 - Reflected Cross Site Scripting (XSS) vulnerability — Spark GF Failed Submissions 7.1 High2025-04-17
CVE-2025-32666 WordPress Hive Support plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — Hive Support 7.1 High2025-04-17
CVE-2025-32674 WordPress Product Excel Import Export & Bulk Edit for WooCommerce plugin <= 4.7 - Cross Site Scripting (XSS) Vulnerability — Product Excel Import Export & Bulk Edit for WooCommerce 7.1 High2025-04-17
CVE-2025-39519 WordPress Bulk Page Stub Creator plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Bulk Page Stub Creator 7.1 High2025-04-17
CVE-2025-39521 WordPress Contact Form vCard Generator plugin <= 2.4 - Reflected Cross Site Scripting (XSS) vulnerability — Contact Form vCard Generator 7.1 High2025-04-17
CVE-2025-39558 WordPress CRM Perks plugin <= 1.1.7 - Reflected Cross Site Scripting (XSS) vulnerability — CRM Perks 7.1 High2025-04-17
CVE-2025-39562 WordPress Payment Form for PayPal Pro plugin <= 1.1.72 - Cross Site Scripting (XSS) Vulnerability — Payment Form for PayPal Pro 5.9 Medium2025-04-17
CVE-2025-39567 WordPress Web Directory Free plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability — Web Directory Free 7.1 High2025-04-17
CVE-2025-39594 WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability — Arigato Autoresponder and Newsletter 7.1 High2025-04-17
CVE-2025-22340 WordPress Data Dash plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability — Data Dash 6.5 Medium2025-04-17
CVE-2025-22565 WordPress vooPlayer v4 Plugin <= 4.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — vooPlayer v4 7.1 High2025-04-17

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.