Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-62137 WordPress Shuttle theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Shuttle 6.5 Medium2025-12-31
CVE-2025-62758 WordPress Funnelforms Free plugin <= 3.8 - Cross Site Scripting (XSS) vulnerability — Funnelforms Free 6.5 Medium2025-12-31
CVE-2025-62759 WordPress Series plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability — Series 6.5 Medium2025-12-31
CVE-2025-62760 WordPress BuddyPress Activity Shortcode plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability — BuddyPress Activity Shortcode 6.5 Medium2025-12-31
CVE-2025-63000 WordPress Sermon Manager plugin <= 2.30.0 - Cross Site Scripting (XSS) vulnerability — Sermon Manager 6.5 Medium2025-12-31
CVE-2025-62146 WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability — MX Time Zone Clocks 6.5 Medium2025-12-31
CVE-2025-63005 WordPress WordPress Tooltips plugin <= 10.9.3 - Cross Site Scripting (XSS) vulnerability — WordPress Tooltips 6.5 Medium2025-12-31
CVE-2025-62761 WordPress Knowledge Base documentation & wiki plugin – BasePress plugin <= 2.17.0.1 - Cross Site Scripting (XSS) vulnerability — Knowledge Base documentation & wiki plugin – BasePress 6.5 Medium2025-12-31
CVE-2025-15374 EyouCMS Ask Module Ask.php cross site scripting — EyouCMS 3.5 Low2025-12-31
CVE-2025-15223 Philipinho Simple-PHP-Blog login.php cross site scripting — Simple-PHP-Blog 4.3 Medium2025-12-31
CVE-2025-15372 youlaitech vue3-element-admin Notice index.vue cross site scripting — vue3-element-admin 2.4 Low2025-12-31
CVE-2022-50802 ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected Cross-Site Scripting via Action Parameter — ETAP Safety Manager 6.1 Medium2025-12-30
CVE-2022-50801 JM-DATA ONU JF511-TV 1.0.67 Authenticated Stored Cross-Site Scripting (XSS) Vulnerability — JF511-TV 4.3 Medium2025-12-30
CVE-2022-50787 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Stored Cross-Site Scripting — Impact/Pulse/First 7.2 High2025-12-30
CVE-2025-69210 FacturaScripts vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload — facturascripts 5.4 -2025-12-30
CVE-2025-66103 WordPress WPCal.io plugin <= 0.9.5.9 - Cross Site Scripting (XSS) vulnerability — WPCal.io 6.5 Medium2025-12-30
CVE-2025-66094 WordPress Yada Wiki plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability — Yada Wiki 6.5 Medium2025-12-30
CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability — Featured Video for WordPress – VideographyWP 6.5 Medium2025-12-30
CVE-2025-63027 WordPress WBC907 Core plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability — WBC907 Core 6.5 Medium2025-12-30
CVE-2025-64190 WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability — XStore Core 6.5 Medium2025-12-30
CVE-2025-15249 zhujunliang3 work_platform Content cross site scripting — work_platform 3.5 Low2025-12-30
CVE-2025-15248 sunhailin12315 product-review 商品评价系统 Write a Review cross site scripting — product-review 商品评价系统 3.5 Low2025-12-30
CVE-2025-69092 WordPress Essential Addons for Elementor plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability — Essential Addons for Elementor 6.5 Medium2025-12-30
CVE-2025-69088 WordPress Combo Offers WooCommerce plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability — Combo Offers WooCommerce 6.5 Medium2025-12-30
CVE-2025-69089 WordPress Auto Listings plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability — Auto Listings 6.5 Medium2025-12-30
CVE-2025-69033 WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability — Blog Filter 6.5 Medium2025-12-30
CVE-2025-69020 WordPress Newsletters plugin <= 4.12 - Cross Site Scripting (XSS) vulnerability — Newsletters 6.5 Medium2025-12-30
CVE-2025-69019 WordPress FlippingBook plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability — FlippingBook 6.5 Medium2025-12-30
CVE-2025-69017 WordPress RestroPress plugin <= 3.2.8.6 - Cross Site Scripting (XSS) vulnerability — RestroPress 6.5 Medium2025-12-30
CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability — Web Directory Free 6.5 Medium2025-12-30

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.