Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21572

21572 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-12465 Property Hive Stamp Duty Calculator <= 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting — Property Hive Stamp Duty Calculator 6.4 Medium2024-12-13
CVE-2024-11910 WP Crowdfunding <= 2.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Crowdfunding 6.4 Medium2024-12-13
CVE-2024-11754 Booking System Trafft <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Booking System Trafft 6.4 Medium2024-12-13
CVE-2024-11832 Beaver Builder – WordPress Page Builder <= 2.8.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website Builder 6.4 Medium2024-12-13
CVE-2024-12581 Kadence Blocks <= 3.2.53 - Authenticated (Admin+) Stored Cross-Site Scripting — Kadence Blocks — Page Builder Toolkit for Gutenberg Editor 4.4 Medium2024-12-13
CVE-2024-11809 Primer MyData for Woocommerce <= 4.2.1 - Reflected Cross-Site Scripting — Primer MyData for Woocommerce 6.1 Medium2024-12-13
CVE-2024-12574 SVG Shortcode <= 1.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload — SVG Shortcode 5.4 Medium2024-12-13
CVE-2024-11767 NewsmanApp <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — NewsmanApp 6.4 Medium2024-12-13
CVE-2024-55878 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx — simplexlsx 6.8 Medium2024-12-12
CVE-2024-36494 Reflected Cross Site Scripting — Scan2Net 6.1 -2024-12-12
CVE-2024-36498 Stored cross site scripting — Scan2Net 4.8 -2024-12-12
CVE-2024-12271 360 Javascript Viewer <= 1.7.29 - Authenticated (Administrator+) Stored Cross-Site Scripting — 360 Javascript Viewer 4.4 Medium2024-12-12
CVE-2024-47947 Stored cross site scripting — Scan2Net 4.8 -2024-12-12
CVE-2024-28142 Stored cross site scripting — Scan2Net 5.4 -2024-12-12
CVE-2024-8179 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLab 5.4 Medium2024-12-12
CVE-2024-12160 Seraphinite Bulk Discounts for WooCommerce <= 2.4.6 - Reflected Cross-Site Scripting — Seraphinite Bulk Discounts for WooCommerce 6.1 Medium2024-12-12
CVE-2024-11760 Currency Converter Widget ⚡ PRO <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Currency Converter Widget ⚡ PRO 6.4 Medium2024-12-12
CVE-2024-10583 Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder <= 1.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder 5.4 Medium2024-12-12
CVE-2024-11727 NotificationX – Live Sales Notification, WooCommerce Sales Popup, FOMO, Social Proof, Announcement Banner & Floating Notification Top Bar <= 2.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar 4.4 Medium2024-12-12
CVE-2024-10784 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.126 - Authenticated (Contributor+) Stored Cross-Site Scripting — Unlimited Elements For Elementor 6.4 Medium2024-12-12
CVE-2024-11766 WordPress Book Plugin for Displaying Books in Grid, Flip, Slider, Popup Layout and more <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — GS Books Showcase – Display Books in Grid, Slider & More | Library for WordPress 6.4 Medium2024-12-12
CVE-2024-11052 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations — Ninja Forms – The Contact Form Builder That Grows With You 7.2 High2024-12-12
CVE-2024-11871 Social Media Shortcodes <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Social Media Shortcodes 6.4 Medium2024-12-12
CVE-2024-11757 WP GeoNames <= 1.9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP GeoNames 6.4 Medium2024-12-12
CVE-2024-11785 Integrate Firebase <= 0.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Integrate Firebase 6.4 Medium2024-12-12
CVE-2024-12072 Analytics Cat – Google Analytics Made Easy <= 1.1.2 - Reflected Cross-Site Scripting — Analytics Cat – Google Analytics Made Easy 6.1 Medium2024-12-12
CVE-2024-11765 WordPress Portfolio Plugin – A Plugin for Making Filterable Portfolio Grid, Portfolio Slider and more <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — GS Portfolio – A Plugin for Making Filterable Portfolio Grid, Portfolio Slider and more 6.4 Medium2024-12-12
CVE-2024-11359 Library Bookshelves <= 5.8 - Reflected Cross-Site Scripting — Library Bookshelves 6.1 Medium2024-12-12
CVE-2024-11882 FAQ And Answers – Create Frequently Asked Questions Area on WP Sites <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Awesome FAQ – Modern Accordion, Tabs,Responsive & Super Fast FAQ Builder. 6.4 Medium2024-12-12
CVE-2024-11781 Smart Agenda – Prise de rendez-vous en ligne <= 4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — SmartAgenda – Prise de rendez-vous en ligne 6.4 Medium2024-12-12

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21572 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.