Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21520

21520 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-69008 WordPress Inboxify Sign Up Form plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Inboxify Sign Up Form 5.9 Medium2025-12-30
CVE-2025-69007 WordPress Popping Sidebars and Widgets Light plugin <= 1.27 - Cross Site Scripting (XSS) vulnerability — Popping Sidebars and Widgets Light 5.9 Medium2025-12-30
CVE-2025-69006 WordPress AM Events plugin <= 1.13.1 - Cross Site Scripting (XSS) vulnerability — AM Events 5.9 Medium2025-12-30
CVE-2025-68992 WordPress BWL Knowledge Base Manager plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability — BWL Knowledge Base Manager 6.5 Medium2025-12-30
CVE-2025-68991 WordPress BWL Pro Voting Manager plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability — BWL Pro Voting Manager 6.5 Medium2025-12-30
CVE-2025-68978 WordPress DesignThemes Core plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability — DesignThemes Core 6.5 Medium2025-12-30
CVE-2025-68977 WordPress DesignThemes Portfolio Addon plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — DesignThemes Portfolio Addon 6.5 Medium2025-12-30
CVE-2025-15355 NetVision Information|ISOinsight - Reflected Cross-site Scripting — ISOinsight 6.1 Medium2025-12-30
CVE-2025-15221 SohuTV CacheCloud AppDataMigrateController.java index cross site scripting — CacheCloud 3.5 Low2025-12-30
CVE-2025-15220 SohuTV CacheCloud LoginController.java init cross site scripting — CacheCloud 4.3 Medium2025-12-30
CVE-2025-15219 SohuTV CacheCloud MachineManageController.java doPodList cross site scripting — CacheCloud 3.5 Low2025-12-30
CVE-2025-15214 Campcodes Park Ticketing System admin_class.php save_pricing cross site scripting — Park Ticketing System 2.4 Low2025-12-30
CVE-2025-23554 WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Off Page SEO 7.1 High2025-12-29
CVE-2025-23550 WordPress Product Puller plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability — Product Puller 7.1 High2025-12-29
CVE-2025-23469 WordPress Sleekplan plugin <= 0.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Sleekplan 7.1 High2025-12-29
CVE-2025-23458 WordPress Ads24 Lite plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Ads24 Lite 7.1 High2025-12-29
CVE-2025-68499 WordPress JetTabs plugin <= 2.2.12 - Cross Site Scripting (XSS) vulnerability — JetTabs 6.5 Medium2025-12-29
CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability — JetSearch 6.5 Medium2025-12-29
CVE-2025-68607 WordPress Custom Field Template plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability — Custom Field Template 6.5 Medium2025-12-29
CVE-2025-15204 SohuTV CacheCloud QuartzManageController.java doQuartzList cross site scripting — CacheCloud 2.4 Low2025-12-29
CVE-2025-15203 SohuTV CacheCloud ResourceController.java index cross site scripting — CacheCloud 2.4 Low2025-12-29
CVE-2025-15202 SohuTV CacheCloud TaskController.java taskQueueList cross site scripting — CacheCloud 2.4 Low2025-12-29
CVE-2025-15201 SohuTV CacheCloud WebResourceController.java redirectNoPower cross site scripting — CacheCloud 3.5 Low2025-12-29
CVE-2025-15200 SohuTV CacheCloud AppClientDataShowController.java doIndex cross site scripting — CacheCloud 2.4 Low2025-12-29
CVE-2025-55064 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — Web 4.8 Medium2025-12-29
CVE-2025-55063 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — Web 4.8 Medium2025-12-29
CVE-2025-55062 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — Web 4.8 Medium2025-12-29
CVE-2025-68868 WordPress Wp Text Slider Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — Wp Text Slider Widget 6.5 Medium2025-12-29
CVE-2025-68876 WordPress Invelity SPS connect plugin <= 1.0.8 - Reflected Cross Site Scripting (XSS) vulnerability — Invelity SPS connect 7.1 High2025-12-29
CVE-2025-68878 WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Advanced Custom CSS 7.1 High2025-12-29

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21520 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.