CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-25097	WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability — External Video For Everybody	6.5	Medium	2025-02-07
CVE-2025-25096	WordPress RSS in Page plugin <= 2.9.1 - Stored Cross Site Scripting (XSS) vulnerability — RSS in Page	6.5	Medium	2025-02-07
CVE-2025-25095	WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability< — ReverbNation Widgets	6.5	Medium	2025-02-07
CVE-2025-25085	WordPress WP SimpleWeather plugin <= 0.2.5 - Cross Site Scripting (XSS) vulnerability — WP SimpleWeather	6.5	Medium	2025-02-07
CVE-2025-25094	WordPress Breaking News Ticker plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability — Breaking News Ticker	6.5	Medium	2025-02-07
CVE-2025-25080	WordPress Kona Gallery Block plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability — Kona Gallery Block	6.5	Medium	2025-02-07
CVE-2025-25077	WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability — Easy Chart Builder for WordPress	6.5	Medium	2025-02-07
CVE-2025-25078	WordPress Google Earth Embed plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Google Earth Embed	6.5	Medium	2025-02-07
CVE-2025-25079	WordPress Simple Select All Text Box plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability — Simple Select All Text Box	6.5	Medium	2025-02-07
CVE-2025-25098	WordPress Links in Captions plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability — Links in Captions	6.5	Medium	2025-02-07
CVE-2025-25073	WordPress Easy WP Tiles plugin <= 1 - Cross Site Scripting (XSS) vulnerability — Easy WP Tiles	5.9	Medium	2025-02-07
CVE-2025-25082	WordPress flexIDX Home Search plugin <= 2.1.2 - Stored Cross Site Scripting (XSS) vulnerability — FlexIDX Home Search	6.5	Medium	2025-02-07
CVE-2025-25091	WordPress NextGen Cooliris Gallery plugin <= 0.7 - Cross Site Scripting (XSS) vulnerability — NextGen Cooliris Gallery	6.5	Medium	2025-02-07
CVE-2025-25076	WordPress Graceful Email Obfuscation plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability — Graceful Email Obfuscation	6.5	Medium	2025-02-07
CVE-2025-1085	Animati PACS login cross site scripting — PACS	4.3	Medium	2025-02-07
CVE-2025-1082	Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting — xzs-mysql 学之思开源考试系统	3.5	Low	2025-02-06
CVE-2024-52892	IBM Jazz for Service Management Cross-Site Scripting — Jazz for Service Management	6.1	Medium	2025-02-06
CVE-2025-24981	Parsed HTML anchor links in Markdown provided to parseMarkdown can result in XSS in @nuxtjs/mdc — mdc	9.3	Critical	2025-02-06
CVE-2024-39272	ClearML Server 安全漏洞 — ClearML	9.0	Critical	2025-02-06
CVE-2025-1076	Stored Cross-Site Scripting vulnerability in Holded — Holded	4.8	Medium	2025-02-06
CVE-2022-40490	Tiny File Manager 安全漏洞 — n/a	6.1	-	2025-02-06
CVE-2024-49793	IBM ApplinX Cross-Site Scripting — ApplinX	5.4	Medium	2025-02-05
CVE-2024-49792	IBM ApplinX Cross-Site Scripting — ApplinX	5.4	Medium	2025-02-05
CVE-2024-49791	IBM ApplinX Cross-Site Scripting — ApplinX	6.4	Medium	2025-02-05
CVE-2024-56472	IBM Aspera Shares Cross-Site Scripting — Aspera Shares	6.4	Medium	2025-02-05
CVE-2024-38317	IBM Aspera Shares Cross-Site Scripting — Aspera Shares	4.8	Medium	2025-02-05
CVE-2025-24803	Stored Cross-Site Scripting (XSS) in MobSF — Mobile-Security-Framework-MobSF	6.5	-	2025-02-05
CVE-2025-24372	XSS vector in user uploaded images in group/org and user profiles in ckan — ckan	7.3	High	2025-02-05
CVE-2025-24320	BIG-IP Configuration utility vulnerability — BIG-IP	8.0	High	2025-02-05
CVE-2025-20205	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability — Cisco Identity Services Engine Software	4.8	Medium	2025-02-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551