CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536

21536 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-32199	WordPress Contact Form Builder by vcita plugin <= 4.10.2 - Cross Site Scripting (XSS) vulnerability — Contact Form Builder by vcita	6.5	Medium	2025-04-10
CVE-2025-32198	WordPress Brizy plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability — Brizy	6.5	Medium	2025-04-10
CVE-2025-32139	WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Cross Site Scripting (XSS) vulnerability — FooBox Image Lightbox	5.9	Medium	2025-04-10
CVE-2025-32116	WordPress QR Master plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability — QR Master	7.1	High	2025-04-10
CVE-2025-32115	WordPress Popping Content Light plugin <= 2.4 - Reflected Cross Site Scripting (XSS) vulnerability — Popping Content Light	7.1	High	2025-04-10
CVE-2025-32114	WordPress 5sterrenspecialist plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — WordPress 5sterrenspecialist Plugin	7.1	High	2025-04-10
CVE-2024-10894	Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Payment Forms for Paystack	6.4	Medium	2025-04-10
CVE-2025-3489	Nababur Simple-User-Management-System register.php cross site scripting — Simple-User-Management-System	4.3	Medium	2025-04-10
CVE-2025-31008	WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability — YouTube Embed	5.9	Medium	2025-04-09
CVE-2025-31017	WordPress Nav Menu Manager plugin <= 3.2.5 - Cross Site Scripting (XSS) Vulnerability — Nav Menu Manager	6.5	Medium	2025-04-09
CVE-2025-31020	WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability — Simple Spoiler	6.5	Medium	2025-04-09
CVE-2025-31035	WordPress WP Editor.md – The Perfect Markdown Editor plugin <= 10.2.1 - Cross Site Scripting (XSS) Vulnerability — WP Editor.md – The Perfect WordPress Markdown Editor	5.9	Medium	2025-04-09
CVE-2025-31394	WordPress More Mime Type Filters plugin <= 0.3 - CSRF to Stored XSS vulnerability — More Mime Type Filters	7.1	High	2025-04-09
CVE-2025-32483	WordPress Request Call Back plugin <= 1.4.1 - Cross Site Scripting (XSS) Vulnerability — Request Call Back	5.9	Medium	2025-04-09
CVE-2025-32488	WordPress Aria Font plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability — Aria Font	5.9	Medium	2025-04-09
CVE-2025-32489	WordPress Wetterwarner plugin <= 2.7.3 - Cross Site Scripting (XSS) Vulnerability — Wetterwarner	5.9	Medium	2025-04-09
CVE-2025-32492	WordPress Admin Menu Post List plugin <= 2.0.7 - Cross Site Scripting (XSS) Vulnerability — Admin Menu Post List	5.9	Medium	2025-04-09
CVE-2025-32493	WordPress BP Social Connect plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability — BP Social Connect	5.9	Medium	2025-04-09
CVE-2025-32495	WordPress Waymark plugin <= 1.5.3 - Cross Site Scripting (XSS) Vulnerability — Waymark	6.5	Medium	2025-04-09
CVE-2025-32503	WordPress Link Shield plugin <= 0.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Link Shield	7.1	High	2025-04-09
CVE-2025-32543	WordPress Canonical Attachments Plugin <= 1.8 - Stored Cross Site Scripting (XSS) vulnerability — Canonical Attachments	7.1	High	2025-04-09
CVE-2025-32570	WordPress ChillPay WooCommerce Plugin <= 2.5.3 - CSRF to Stored XSS vulnerability — ChillPay WooCommerce	7.1	High	2025-04-09
CVE-2025-32580	WordPress DeBounce Email Validator plugin <= 5.7.1 - CSRF to Stored XSS vulnerability — DeBounce Email Validator	7.1	High	2025-04-09
CVE-2025-32581	WordPress WordPress Spam Blocker Plugin <= 2.0.5 - CSRF to Stored XSS vulnerability — WordPress Spam Blocker	7.1	High	2025-04-09
CVE-2025-32640	WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability — Ally	5.9	Medium	2025-04-09
CVE-2025-32680	WordPress Review Stream plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability — Review Stream	5.9	Medium	2025-04-09
CVE-2025-32683	WordPress MapSVG Lite plugin <= 8.6.6 - Cross Site Scripting (XSS) Vulnerability — MapSVG	6.5	Medium	2025-04-09
CVE-2025-32690	WordPress PowerPress Podcasting plugin <= 11.12.5 - Cross Site Scripting (XSS) Vulnerability — PowerPress Podcasting	6.5	Medium	2025-04-09
CVE-2025-32379	XSS at ctx.redirect() function in Koajs — koa	5.0	Medium	2025-04-09
CVE-2023-33844	IBM Security Verify Governance cross-site scripting — Security Verify Governance	5.4	Medium	2025-04-09

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21536 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536