Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21535

21535 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-39573 WordPress WP Posts Carousel plugin <= 1.3.10 - Cross Site Scripting (XSS) Vulnerability — WP Posts Carousel 6.5 Medium2025-04-16
CVE-2025-39572 WordPress Checkout for PayPal plugin <= 1.0.38 - Cross Site Scripting (XSS) Vulnerability — Checkout for PayPal 6.5 Medium2025-04-16
CVE-2025-39574 WordPress Uix Shortcodes plugin <= 2.0.4 - Cross Site Scripting (XSS) Vulnerability — Uix Shortcodes 6.5 Medium2025-04-16
CVE-2025-39575 WordPress WPCasa plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability — WPCasa 6.5 Medium2025-04-16
CVE-2025-39576 WordPress WPAdverts plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability — WPAdverts 6.5 Medium2025-04-16
CVE-2025-39577 WordPress PropertyHive plugin <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability — PropertyHive 6.5 Medium2025-04-16
CVE-2025-39578 WordPress Responsive Blocks plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability — Responsive Blocks 6.5 Medium2025-04-16
CVE-2025-39579 WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability — Membership For WooCommerce 6.5 Medium2025-04-16
CVE-2025-39581 WordPress Themify Shortcodes plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability — Themify Shortcodes 6.5 Medium2025-04-16
CVE-2025-39582 WordPress WP Data Access plugin <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability — WP Data Access 6.5 Medium2025-04-16
CVE-2025-39585 WordPress Travelfic Toolkit plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability — Travelfic Toolkit 6.5 Medium2025-04-16
CVE-2025-39590 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability — Essential Addons for Elementor 6.5 Medium2025-04-16
CVE-2025-1983 Stored Cross-Site Scripting in Ready_ — Ready_ 6.1AIMediumAI2025-04-16
CVE-2025-3688 mirweiye Seven Bears Library CMS Background Management Page cross site scripting — Seven Bears Library CMS 2.4 Low2025-04-16
CVE-2024-52281 Stored Cross-site Scripting vulnerability in Rancher UI — rancher 8.9 High2025-04-16
CVE-2025-3077 Betheme <= 28.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Betheme 6.4 Medium2025-04-16
CVE-2024-13452 Contact Form by Supsystic <= 1.7.29 - Cross-Site Request Forgery to Stored Cross-Site Scripting via saveAsCopy AJAX Action — Contact Form by Supsystic 6.1 Medium2025-04-16
CVE-2025-2314 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor 6.4 Medium2025-04-16
CVE-2025-32388 SvelteKit allows XSS via tracked search_params — kit 5.4 Medium2025-04-15
CVE-2025-32923 WordPress Tourmaster plugin < 5.4.1 - Cross Site Scripting (XSS) vulnerability — Tourmaster 7.1 High2025-04-15
CVE-2025-30984 WordPress SEO Tools plugin <= 4.0.7 - Reflected Cross Site Scripting (XSS) vulnerability — SEO Tools 7.1 High2025-04-15
CVE-2025-30982 WordPress MyBookProgress by Stormhill Media plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability — MyBookProgress by Stormhill Media 6.5 Medium2025-04-15
CVE-2025-30970 WordPress Easy Contact plugin <= 0.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Easy Contact 7.1 High2025-04-15
CVE-2025-26998 WordPress SKT Blocks – Gutenberg based Page Builder plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability — SKT Blocks 6.5 Medium2025-04-15
CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability — Glossy Blog 6.5 Medium2025-04-15
CVE-2025-26950 WordPress Nepali Date Converter plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability — Nepali Date Converter 6.5 Medium2025-04-15
CVE-2025-26951 WordPress C9 Blocks plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability — C9 Blocks 6.5 Medium2025-04-15
CVE-2025-26906 WordPress WP Delete User Accounts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability — WP Delete User Accounts 6.5 Medium2025-04-15
CVE-2025-26919 WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability — Tainá 6.5 Medium2025-04-15
CVE-2025-26930 WordPress Home Services plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability — Home Services 6.5 Medium2025-04-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21535 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.