CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536

21536 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-2889	Link Library <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters — Link Library	6.4	Medium	2025-04-04
CVE-2025-32207	WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerability — Ni WooCommerce Cost Of Goods	6.5	Medium	2025-04-04
CVE-2025-32197	WordPress Piotnet Addons For Elementor plugin <= 2.4.36 - Cross Site Scripting (XSS) vulnerability — Piotnet Addons For Elementor	6.5	Medium	2025-04-04
CVE-2025-32196	WordPress News Kit Elementor Addons plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — News Kit Elementor Addons	6.5	Medium	2025-04-04
CVE-2025-32195	WordPress Ecwid Shopping Cart plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability — Ecwid Shopping Cart	6.5	Medium	2025-04-04
CVE-2025-32194	WordPress LA-Studio Element Kit for Elementor plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability — LA-Studio Element Kit for Elementor	6.5	Medium	2025-04-04
CVE-2025-32193	WordPress Simple WP Events plugin <= 1.8.17 - Cross Site Scripting (XSS) vulnerability — Simple WP Events	6.5	Medium	2025-04-04
CVE-2025-32191	WordPress News Element Elementor Blog Magazine plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability — News Element Elementor Blog Magazine	6.5	Medium	2025-04-04
CVE-2025-32192	WordPress Ultra Addons Lite for Elementor plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability — Ultra Addons Lite for Elementor	6.5	Medium	2025-04-04
CVE-2025-32190	WordPress Musician's Pack For Elementor plugin <= 1.8.7 - Cross Site Scripting (XSS) vulnerability — Musician's Pack For Elementor	6.5	Medium	2025-04-04
CVE-2025-32188	WordPress Advanced Woo Labels plugin <= 2.15 - Cross Site Scripting (XSS) vulnerability — Advanced Woo Labels	6.5	Medium	2025-04-04
CVE-2025-32189	WordPress BWD Elementor Addons plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability — BWD Elementor Addons	6.5	Medium	2025-04-04
CVE-2025-32187	WordPress Administrator Z plugin <= 2026.03.02 - Cross Site Scripting (XSS) vulnerability — Administrator Z	6.5	Medium	2025-04-04
CVE-2025-32186	WordPress Turbo Addons for Elementor plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability — Turbo Addons Elementor	6.5	Medium	2025-04-04
CVE-2025-32184	WordPress Ultimate Store Kit Elementor Addons plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability — Ultimate Store Kit Elementor Addons	6.5	Medium	2025-04-04
CVE-2025-32185	WordPress Colibri Page Builder plugin <= 1.0.329 - Cross Site Scripting (XSS) vulnerability — Colibri Page Builder	6.5	Medium	2025-04-04
CVE-2025-32183	WordPress Video Playlist For YouTube plugin <= 6.7.1 - Cross Site Scripting (XSS) vulnerability — Video Playlist For YouTube	6.5	Medium	2025-04-04
CVE-2025-32182	WordPress Spider Elements – Addons for Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability — Spider Elements	6.5	Medium	2025-04-04
CVE-2025-32181	WordPress Search, Filters & Merchandising for WooCommerce plugin <= 3.0.58 - Stored Cross Site Scripting (XSS) vulnerability — Search, Filters & Merchandising for WooCommerce	6.5	Medium	2025-04-04
CVE-2025-32179	WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability — Maps for WP	6.5	Medium	2025-04-04
CVE-2025-32176	WordPress Gallery Blocks with Lightbox plugin <= 3.2.5 - Stored Cross Site Scripting (XSS) vulnerability — SimpLy Gallery	6.5	Medium	2025-04-04
CVE-2025-32177	WordPress Embed Chessboard plugin <= 3.08.00 - Cross Site Scripting (XSS) vulnerability — Embed Chessboard	6.5	Medium	2025-04-04
CVE-2025-32174	WordPress Tockify Events Calendar plugin <= 2.2.13 - Cross Site Scripting (XSS) vulnerability — Tockify Events Calendar	6.5	Medium	2025-04-04
CVE-2025-32175	WordPress VK Filter Search plugin <= 2.20.2 - Cross Site Scripting (XSS) vulnerability — VK Filter Search	6.5	Medium	2025-04-04
CVE-2025-32173	WordPress B Blocks plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability — B Blocks	6.5	Medium	2025-04-04
CVE-2025-32171	WordPress Table Block by Tableberg plugin <= 0.6.10 - Cross Site Scripting (XSS) vulnerability — Table Block by Tableberg	6.5	Medium	2025-04-04
CVE-2025-32172	WordPress YaMaps for WordPress plugin <= 0.6.40 - Cross Site Scripting (XSS) vulnerability — YaMaps for WordPress	6.5	Medium	2025-04-04
CVE-2025-32170	WordPress Motors plugin <= 1.4.71 - Cross Site Scripting (XSS) vulnerability — Motors	6.5	Medium	2025-04-04
CVE-2025-32169	WordPress Showeblogin Social plugin <= 7.0 - Cross Site Scripting (XSS) vulnerability — Showeblogin Social	6.5	Medium	2025-04-04
CVE-2025-32168	WordPress Gutenify plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability — Gutenify	6.5	Medium	2025-04-04

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21536 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21536