CWE-79 在Web页面生成时对输入的转义处理不恰当(跨站脚本) 类弱点 21536 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-4963 | WordPress plugin WP Extended 跨站脚本漏洞 — The Ultimate WordPress Toolkit – WP Extended | 6.4 | Medium | 2025-05-28 |
| CVE-2025-5082 | WordPress plugin WP Attachments 跨站脚本漏洞 — WP Attachments | 6.1 | Medium | 2025-05-28 |
| CVE-2025-30087 | Best Practical RT 跨站脚本漏洞 — RT | 7.2 | High | 2025-05-28 |
| CVE-2025-31501 | Best Practical RT 跨站脚本漏洞 — RT | 7.2 | High | 2025-05-28 |
| CVE-2025-31500 | Best Practical RT 跨站脚本漏洞 — RT | 7.2 | High | 2025-05-28 |
| CVE-2024-45094 | IBM DS8900F Hardware Management Console和IBM DS8A00 Hardware Management Console 跨站脚本漏洞 — Hardware Management Console | 5.5 | Medium | 2025-05-27 |
| CVE-2025-5198 | StackRox Kubernetes Security Platform 跨站脚本漏洞 | 5.0 | Medium | 2025-05-27 |
| CVE-2025-3704 | Volunteer Sign Up Sheets 跨站脚本漏洞 — Volunteer Sign Up Sheets | 5.9 | Medium | 2025-05-27 |
| CVE-2024-47090 | NagVis 安全漏洞 — Nagvis | 6.1AI | MediumAI | 2025-05-27 |
| CVE-2025-4682 | WordPress plugin Essential Blocks 跨站脚本漏洞 — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | 6.4 | Medium | 2025-05-27 |
| CVE-2025-4783 | WordPress plugin Exclusive Addons for Elementor 跨站脚本漏洞 — Exclusive Addons for Elementor | 6.4 | Medium | 2025-05-26 |
| CVE-2025-40663 | i2A-Cronos 跨站脚本漏洞 — Cronos | 5.4AI | MediumAI | 2025-05-26 |
| CVE-2025-40652 | CoverManager 跨站脚本漏洞 — CoverManager | 5.4AI | MediumAI | 2025-05-26 |
| CVE-2025-5181 | Summer Pearl Vacation Rental Management Platform 代码注入漏洞 — Vacation Rental Management Platform | 3.5 | Low | 2025-05-26 |
| CVE-2025-5179 | Realce Tecnologia Queue Ticket Kiosk 代码注入漏洞 — Queue Ticket Kiosk | 2.4 | Low | 2025-05-26 |
| CVE-2025-5177 | Realce Tecnologia Queue Ticket Kiosk 代码注入漏洞 — Queue Ticket Kiosk | 4.3 | Medium | 2025-05-26 |
| CVE-2025-1985 | Pepperl+Fuchs Profinet Gateway 跨站脚本漏洞 — Profinet Gateway FB8122A.1.EL | 6.1 | Medium | 2025-05-26 |
| CVE-2025-5153 | CMS Made Simple(CMSMS) 代码注入漏洞 — CMS Made Simple | 3.5 | Low | 2025-05-25 |
| CVE-2025-5138 | Bitwarden 代码注入漏洞 — Bitwarden | 3.5 | Low | 2025-05-25 |
| CVE-2025-5135 | Tmall_demo 代码注入漏洞 — Demo | 2.4 | Low | 2025-05-24 |
| CVE-2025-5134 | Tmall_demo 代码注入漏洞 — Demo | 3.5 | Low | 2025-05-24 |
| CVE-2025-5133 | Tmall_demo 代码注入漏洞 — Demo | 4.3 | Medium | 2025-05-24 |
| CVE-2025-5127 | Teledyne FLIR AX8 安全漏洞 — AX8 | 3.5 | Low | 2025-05-24 |
| CVE-2025-4223 | WordPress plugin Page Builder: Pagelayer 跨站脚本漏洞 — Page Builder: Pagelayer – Drag and Drop website builder | 4.7 | Medium | 2025-05-24 |
| CVE-2025-5055 | WordPress plugin Smart Forms 跨站脚本漏洞 — Smart Forms – when you need more than just a contact form | 4.4 | Medium | 2025-05-24 |
| CVE-2025-3869 | WordPress plugin 4stats 跨站脚本漏洞 — 4stats | 6.1 | Medium | 2025-05-24 |
| CVE-2024-13427 | WordPress plugin Page Builder: Pagelayer 跨站脚本漏洞 — Page Builder: Pagelayer – Drag and Drop website builder | 6.4 | Medium | 2025-05-24 |
| CVE-2025-48377 | DNN 跨站脚本漏洞 — Dnn.Platform | 6.1AI | MediumAI | 2025-05-23 |
| CVE-2025-48378 | DNN 跨站脚本漏洞 — Dnn.Platform | 5.4AI | MediumAI | 2025-05-23 |
| CVE-2025-43860 | OpenEMR 跨站脚本漏洞 — openemr | 7.6 | High | 2025-05-23 |
CWE-79(在Web页面生成时对输入的转义处理不恰当(跨站脚本)) 是常见的弱点类别,本平台收录该类弱点关联的 21536 条 CVE 漏洞。