
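CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21573

21573 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.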

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-10880 | JobBoardWP – Job Board Listings and Submissions <= 1.3.0 - Reflected Cross-Site Scripting — JobBoardWP – Job Board Listings and Submissions | 6.1 | Medium | 2024-11-23 |
| CVE-2024-10116 | Twitter Follow Button <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via username Parameter — FireCask’s Twitter Follow Button | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11362 | Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.112.0 - Reflected Cross-Site Scripting — PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) | 6.1 | Medium | 2024-11-23 |
| CVE-2024-10886 | Tribute Testimonials – WordPress Testimonial Grid/Slider <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Tribute Testimonials – WordPress Testimonial Grid/Slider | 6.4 | Medium | 2024-11-23 |
| CVE-2024-10874 | Quotes llama <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Quotes llama | 6.4 | Medium | 2024-11-23 |
| CVE-2024-11463 | DeBounce Email Validator <= 5.6.5 - Reflected Cross-Site Scripting — DeBounce Email Validator | 6.1 | Medium | 2024-11-23 |
| CVE-2024-10869 | GuardGiant Brute Force Protection <= 2.2.6 - Reflected Cross-Site Scripting — WordPress Brute Force Protection – Stop Brute Force Attacks | 6.1 | Medium | 2024-11-23 |
| CVE-2024-52793 | XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems — std | 5.4 | - | 2024-11-22 |
| CVE-2021-38119 | Possible Reflected Cross-Site Scripting (XSS) Vulnerability in OpenText iManager — iManager | 6.1 | Medium | 2024-11-22 |
| CVE-2021-38134 | Possible Reflected and Stored XSS in OpenText iManager — iManager | 6.1 | Medium | 2024-11-22 |
| CVE-2022-26324 | Possible XSS in iManager URL for access Component — iManager | 7.6 | High | 2024-11-22 |
| CVE-2024-32767 | Photo Station — Photo Station | 6.3 | Medium | 2024-11-22 |
| CVE-2024-32768 | Photo Station — Photo Station | 6.3 | Medium | 2024-11-22 |
| CVE-2024-32769 | Photo Station — Photo Station | 6.3 | Medium | 2024-11-22 |
| CVE-2024-32770 | Photo Station — Photo Station | 6.3 | Medium | 2024-11-22 |
| CVE-2024-8735 | MailMunch – Grow your Email List <= 3.1.8 - Reflected Cross-Site Scripting — MailMunch – Grow your Email List | 6.1 | Medium | 2024-11-22 |
| CVE-2024-11225 | Premium Packages – Sell Digital Products Securely <= 5.9.3 - Reflected Cross-Site Scripting via add_query_arg — Premium Packages – Sell Digital Products Securely | 6.1 | Medium | 2024-11-22 |
| CVE-2024-10034 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.4.2 - Authenticated (Editor+) Stored Cross-Site Scripting — Mixed Media Gallery Blocks | 5.5 | Medium | 2024-11-22 |
| CVE-2024-11381 | Control horas <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Control horas | 6.4 | Medium | 2024-11-22 |
| CVE-2024-52053 | Stored Cross-Site Scripting in Wowza Streaming Engine — Streaming Engine | 6.1 (AI) | Medium (AI) | 2024-11-21 |
| CVE-2024-52803 | LLama Factory Remote OS Command Injection Vulnerability — LLaMA-Factory | 7.5 | High | 2024-11-21 |
| CVE-2024-7130 | Reflected XSS in Kion Computer's KION Exchange Programs Software — KION Exchange Programs Software | 5.5 | Medium | 2024-11-21 |
| CVE-2024-11587 | idcCMS classProvCity.php GetCityOptionJs cross site scripting — idcCMS | 3.5 | Low | 2024-11-21 |
| CVE-2024-7016 | Stored XSS in Smarttek Informatics' Smart Doctor — Smart Doctor | 4.8 | Medium | 2024-11-21 |
| CVE-2024-10792 | Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels <= 3.5.5 - Reflected Cross-Site Scripting — WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell | 6.1 | Medium | 2024-11-21 |
| CVE-2024-11371 | Theater for WordPress <= 0.18.6.2 - Reflected Cross-Site Scripting — Theater for WordPress | 6.1 | Medium | 2024-11-21 |
| CVE-2024-10675 | affiliate-toolkit <= 3.6.7 - Reflected Cross-Site Scripting — affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display | 6.1 | Medium | 2024-11-21 |
| CVE-2024-11456 | Run Contests, Raffles, and Giveaways with ContestsWP <= 2.0.3 - Reflected Cross-Site Scripting — Run Contests, Raffles, and Giveaways with ContestsWP | 6.1 | Medium | 2024-11-21 |
| CVE-2024-10890 | WPAdverts – Classifieds Plugin <= 2.1.7 - Reflected Cross-Site Scripting — WPAdverts – Classifieds Plugin | 6.1 | Medium | 2024-11-21 |
| CVE-2024-10788 | Activity Log – Monitor & Record User Changes <= 2.11.1 - Unauthenticated Stored Cross-Site Scripting via Event Context — Activity Log – Monitor & Record User Changes | 7.2 | High | 2024-11-21 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) account for 21573 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.