Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21546

21546 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-28885 WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability — Fiverr.com Official Search Box 6.5 Medium2025-03-26
CVE-2025-28890 WordPress Lightview Plus plugin <= 3.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Lightview Plus 7.1 High2025-03-26
CVE-2025-28865 WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP Colorful Tag Cloud 7.1 High2025-03-26
CVE-2025-28869 WordPress NextGEN Gallery Voting plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability — NextGEN Gallery Voting 7.1 High2025-03-26
CVE-2025-28858 WordPress Arrow Maps plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Arrow Maps 7.1 High2025-03-26
CVE-2025-28877 WordPress Key4ce osTicket Bridge plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — Key4ce osTicket Bridge 7.1 High2025-03-26
CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability — Blue Captcha 7.1 High2025-03-26
CVE-2025-26583 WordPress Video Share VOD plugin <= 2.7.9 - Reflected Cross-Site Scripting vulnerability — Video Share VOD 7.1 High2025-03-26
CVE-2025-26581 WordPress Picture Gallery plugin <= 1.6.3 - CSRF to Stored XSS vulnerability — Picture Gallery 7.1 High2025-03-26
CVE-2025-26584 WordPress TBTestimonials Plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability — TBTestimonials 7.1 High2025-03-26
CVE-2025-28855 WordPress Teleport plugin <= 1.2.4 - Reflected Cross Site Scripting (XSS) vulnerability — Teleport 7.1 High2025-03-26
CVE-2025-27267 WordPress Random Quotes Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — Random Quotes 7.1 High2025-03-26
CVE-2025-26579 WordPress MicroPayments Paid Membership plugin <= 3.2.4 - Reflected Cross-Site Scripting vulnerability — MicroPayments 7.1 High2025-03-26
CVE-2025-26566 WordPress In Stock Mailer for WooCommerce Plugin <= 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — In Stock Mailer for WooCommerce 7.1 High2025-03-26
CVE-2025-26573 WordPress Rizzi Guestbook plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability — Rizzi Guestbook 7.1 High2025-03-26
CVE-2025-26576 WordPress WP Simple Slideshow Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — WP Simple Slideshow 7.1 High2025-03-26
CVE-2025-26575 WordPress Display Post Meta plugin <= 1.5- Cross Site Scripting (XSS) vulnerability — Display Post Meta 7.1 High2025-03-26
CVE-2025-26565 WordPress GNUPress Plugin <= 0.2.9 - Reflected Cross Site Scripting (XSS) vulnerability — GNUPress 7.1 High2025-03-26
CVE-2025-26559 WordPress Secure Invites plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — Secure Invites 6.5 Medium2025-03-26
CVE-2025-26546 WordPress Cookies Pro plugin <= 1.0 - CSRF to Stored XSS vulnerability — Cookies Pro 7.1 High2025-03-26
CVE-2025-26542 WordPress Zalo Live Chat Plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Zalo Live Chat 7.1 High2025-03-26
CVE-2025-26564 WordPress GNUCommerce Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability — GNUCommerce 7.1 High2025-03-26
CVE-2025-26544 WordPressUTM tags + Landing page plugin <= 1.4 - CSRF to Stored XSS vulnerability — UTM tags tracking for Contact Form 7 7.1 High2025-03-26
CVE-2025-26560 WordPress WP Contact Form III Plugin <= 1.6.2d - Reflected Cross Site Scripting (XSS) vulnerability — WP Contact Form III 7.1 High2025-03-26
CVE-2025-26536 WordPress Another Events Calendar Plugin <= 1.7.0 - Reflected Cross Site Scripting (XSS) vulnerability — Another Events Calendar 7.1 High2025-03-26
CVE-2025-26541 WordPress Bitcoin / AltCoin Payment Gateway for WooCommerce plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability — Bitcoin / AltCoin Payment Gateway for WooCommerce 7.1 High2025-03-26
CVE-2025-26537 WordPress GDPR Tools plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — GDPR Tools 6.5 Medium2025-03-26
CVE-2025-25134 WordPress Theme Demo Bar Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability — Theme Demo Bar 7.1 High2025-03-26
CVE-2025-23735 WordPress Infugrator plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Infugrator 7.1 High2025-03-26
CVE-2025-23964 WordPress Google Plus Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — Google Plus 7.1 High2025-03-26

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21546 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.