Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21527

21527 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-68904 WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — JNews - Frontend Submit 7.1 High2026-01-22
CVE-2025-68894 WordPress ShoutOut plugin <= 4.0.2 - Reflected Cross Site Scripting (XSS) vulnerability — ShoutOut 7.1 High2026-01-22
CVE-2025-68898 WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — Synergy Project Manager 5.8 Medium2026-01-22
CVE-2025-68884 WordPress WP Simple Redirect plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP Simple Redirect 7.1 High2026-01-22
CVE-2025-68871 WordPress Dooodl plugin <= 2.3.0 - Reflected Cross Site Scripting (XSS) vulnerability — Dooodl 7.1 High2026-01-22
CVE-2025-68883 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability — bidorbuy Store Integrator 7.1 High2026-01-22
CVE-2025-68866 WordPress Dinatur plugin <= 1.18 - Cross Site Scripting (XSS) vulnerability — Dinatur 7.1 High2026-01-22
CVE-2025-68858 WordPress wpCAS plugin <= 1.07 - Cross Site Scripting (XSS) vulnerability — wpCAS 7.1 High2026-01-22
CVE-2025-68864 WordPress Infility Global plugin <= 2.15.11 - Cross Site Scripting (XSS) vulnerability — Infility Global 7.1 High2026-01-22
CVE-2025-68859 WordPress Syntax Highlighter Compress plugin <= 3.0.83.3 - Reflected Cross Site Scripting (XSS) vulnerability — Syntax Highlighter Compress 7.1 High2026-01-22
CVE-2025-68849 WordPress Quote Master plugin <= 7.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Quote Master 7.1 High2026-01-22
CVE-2025-68838 WordPress MemberPress Discord Addon plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — MemberPress Discord Addon 7.1 High2026-01-22
CVE-2025-68835 WordPress Ravpage plugin <= 2.33 - Reflected Cross Site Scripting (XSS) vulnerability — Ravpage 7.1 High2026-01-22
CVE-2025-68839 WordPress Easy Theme Options plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Easy Theme Options 7.1 High2026-01-22
CVE-2025-68518 WordPress Hoteller theme < 6.8.9 - Reflected Cross Site Scripting (XSS) vulnerability — Hoteller 7.1 High2026-01-22
CVE-2025-68520 WordPress DotLife theme < 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — DotLife 7.1 High2026-01-22
CVE-2025-68538 WordPress Craft | Coffee Shop Cafe Restaurant WordPress theme <= 2.3.6 - Reflected Cross Site Scripting (XSS) vulnerability — Craft 7.1 High2026-01-22
CVE-2025-68041 WordPress Omnichannel for WooCommerce plugin <= 1.3.65 - Cross Site Scripting (XSS) vulnerability — Omnichannel for WooCommerce 7.1 High2026-01-22
CVE-2025-68011 WordPress GLS Shipping for WooCommerce plugin <= 1.4.0 - Cross Site Scripting (XSS) vulnerability — GLS Shipping for WooCommerce 7.1 High2026-01-22
CVE-2025-68012 WordPress CodeColorer plugin <= 0.10.1 - Stored Cross Site Scripting (XSS) vulnerability — CodeColorer 7.1 High2026-01-22
CVE-2025-68010 WordPress Netgsm plugin <= 2.9.63 - Cross Site Scripting (XSS) vulnerability — Netgsm 7.1 High2026-01-22
CVE-2025-68008 WordPress WP Mail plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP Mail 7.1 High2026-01-22
CVE-2025-68004 WordPress My Post Order plugin <= 1.2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — My Post Order 7.1 High2026-01-22
CVE-2025-67964 WordPress Homey Core plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability — Homey Core 7.1 High2026-01-22
CVE-2025-67960 WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability — WorkScout-Core 7.1 High2026-01-22
CVE-2025-67959 WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability — WorkScout 7.1 High2026-01-22
CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability — Grand Tour 7.1 High2026-01-22
CVE-2025-67947 WordPress AdForest Elementor plugin <= 3.0.11 - Cross Site Scripting (XSS) vulnerability — AdForest Elementor 7.1 High2026-01-22
CVE-2025-67949 WordPress Hostiko theme < 94.3.6 - Cross Site Scripting (XSS) vulnerability — Hostiko 7.1 High2026-01-22
CVE-2025-67943 WordPress My auctions allegro plugin <= 3.6.32 - Cross Site Scripting (XSS) vulnerability — My auctions allegro 7.1 High2026-01-22

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.