Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21572

21572 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-12257 CardGate Payments for WooCommerce <= 3.2.1 - Reflected Cross-Site Scripting — CardGate Payments for WooCommerce 6.1 Medium2024-12-07
CVE-2024-11904 코드엠샵 소셜톡 <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — 코드엠샵 소셜톡 6.4 Medium2024-12-07
CVE-2024-12166 Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via 'page' — Shortcodes Blocks Creator Ultimate 6.1 Medium2024-12-07
CVE-2024-11451 Zooom <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Zooom 6.4 Medium2024-12-07
CVE-2024-11943 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 <= 5.2.2 - Reflected Cross-Site Scripting via add_query_arg Function — 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 6.1 Medium2024-12-07
CVE-2024-10046 افزونه پیامک ووکامرس Persian WooCommerce SMS <= 7.0.5 - Reflected Cross-Site Scripting — افزونه پیامک ووکامرس Persian WooCommerce SMS 6.1 Medium2024-12-07
CVE-2024-11436 Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! <= 1.4.19 - Reflected Cross-Site Scripting — Pie Forms — Drag & Drop Form Builder 6.1 Medium2024-12-07
CVE-2024-11329 Comfino Payment Gateway <= 4.1.1 - Reflected Cross-Site Scripting — Comfino Payment Gateway 6.1 Medium2024-12-07
CVE-2024-54138 XSS Vulnerability in NuGetGallery's Markdown Autolinks Processing — NuGetGallery 5.4 -2024-12-06
CVE-2024-7875 XSS in Tungsten Automation TotalAgility — TotalAgility 6.1 -2024-12-06
CVE-2024-7874 XSS in Tungsten Automation TotalAgility — TotalAgility 6.1 -2024-12-06
CVE-2024-12326 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau — Jirafeau 6.1 Medium2024-12-06
CVE-2024-4633 Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.2.1- Authenticated (Author+) Stored Cross-Site Scripting — Depicter — Popup & Slider Builder 6.4 Medium2024-12-06
CVE-2024-11321 Reflected XSS in Hi e-learning's Learning Management System (LMS) — Learning Management System (LMS) 5.4 Medium2024-12-06
CVE-2024-53794 WordPress Arkhe Blocks plugin <= 2.27.0 - Cross Site Scripting (XSS) vulnerability — Arkhe Blocks 6.5 Medium2024-12-06
CVE-2024-53796 WordPress Themesflat Addons For Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability — themesflat-addons-for-elementor 6.5 Medium2024-12-06
CVE-2024-53797 WordPress Beaver Builder plugin <= 2.8.4.3 - Cross Site Scripting (XSS) vulnerability — Beaver Builder 6.5 Medium2024-12-06
CVE-2024-53801 WordPress Bold Page Builder plugin <= 5.2.1 - Cross Site Scripting (XSS) vulnerability — Bold Page Builder 6.5 Medium2024-12-06
CVE-2024-53802 WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability — Futurio Extra 6.5 Medium2024-12-06
CVE-2024-53812 WordPress WP GeoNames plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability — WP GeoNames 7.1 High2024-12-06
CVE-2024-53820 WordPress Captivate Sync plugin <= 2.0.22 - Cross Site Scripting (XSS) vulnerability — Captivate Sync 6.5 Medium2024-12-06
CVE-2024-53823 WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder Lite 6.5 Medium2024-12-06
CVE-2024-53821 WordPress Pie Register Premium plugin < 3.8.3.3 - Cross Site Scripting (XSS) vulnerability — Pie Register Premium 7.1 High2024-12-06
CVE-2024-54206 WordPress Z-Downloads plugin <= 1.11.7 - Cross Site Scripting (XSS) vulnerability — Z-Downloads 5.9 Medium2024-12-06
CVE-2024-54207 WordPress WordPress Auction Plugin plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability — WordPress Auction Plugin 5.9 Medium2024-12-06
CVE-2024-54208 WordPress Block Controller plugin <= 1.4.3 - Reflected Cross Site Scripting (XSS) vulnerability — Block Controller 7.1 High2024-12-06
CVE-2024-54210 WordPress Advanced Element Bucket Addons for Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — Advanced Element Bucket Addons for Elementor 6.5 Medium2024-12-06
CVE-2024-54209 WordPress Awesome Shortcodes plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability — Awesome Shortcodes 7.1 High2024-12-06
CVE-2024-54211 WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability — Borderless 5.9 Medium2024-12-06
CVE-2024-54212 WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability — Magical Addons For Elementor 6.5 Medium2024-12-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21572 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.