CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21573

21573 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-30752	WordPress External Videos Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) — External Videos	5.9	Medium	2023-08-14
CVE-2023-30751	WordPress Article Directory Redux Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) — Article Directory Redux	5.9	Medium	2023-08-14
CVE-2023-28535	WordPress Paytm Payment Donation Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS) — Paytm Payment Donation	7.1	High	2023-08-14
CVE-2023-30749	WordPress Optima Express + MarketBoost IDX Plugin Plugin <= 7.3.0 is vulnerable to Cross Site Scripting (XSS) — Optima Express + MarketBoost IDX Plugin	5.9	Medium	2023-08-14
CVE-2023-30754	WordPress AdFoxly – Ad Manager, AdSense Ads & Ads.txt Plugin <= 1.8.5 is vulnerable to Cross Site Scripting (XSS) — AdFoxly – Ad Manager, AdSense Ads & Ads.txt	7.1	High	2023-08-14
CVE-2023-30489	WordPress Email Subscription Popup Plugin <= 1.2.16 is vulnerable to Cross Site Scripting (XSS) — Email Subscription Popup	7.1	High	2023-08-14
CVE-2023-30477	WordPress AFFILIATE Solution Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) — AFFILIATE Solution	5.9	Medium	2023-08-14
CVE-2023-30475	WordPress Coupon Affiliates Plugin <= 5.4.5 is vulnerable to Cross Site Scripting (XSS) — WooCommerce Affiliate Plugin – Coupon Affiliates	7.1	High	2023-08-14
CVE-2023-29097	WordPress a3 Portfolio Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) — a3 Portfolio	5.9	Medium	2023-08-14
CVE-2023-30483	WordPress Watu Quiz Plugin <= 3.3.9.2 is vulnerable to Cross Site Scripting (XSS) — Watu Quiz	7.1	High	2023-08-14
CVE-2023-4321	Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpit	5.4	-	2023-08-14
CVE-2023-3937	Cross site scripting vulnerabilities in Snow License Manager — Snow License Manager	4.8	Medium	2023-08-11
CVE-2023-39955	Notes attachment render HTML in preview mode — security-advisories	3.5	Low	2023-08-10
CVE-2023-38397	WordPress Gestion-Pymes Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS) — Gestion-Pymes	5.9	Medium	2023-08-10
CVE-2023-37388	WordPress Simple Light Weight Social Share (Tweet, Like, Share and Linkedin) Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) — Simple Light Weight Social Share	5.9	Medium	2023-08-10
CVE-2023-28779	WordPress Terms descriptions Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS) — Terms descriptions	7.1	High	2023-08-10
CVE-2023-37983	WordPress Art Direction Plugin <= 0.2.4 is vulnerable to Cross Site Scripting (XSS) — Art Direction	6.5	Medium	2023-08-10
CVE-2023-39314	WordPress Leyka Plugin <= 3.30.2 is vulnerable to Cross Site Scripting (XSS) — Leyka	7.1	High	2023-08-10
CVE-2023-24393	WordPress Animated Number Counters Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) — Animated Number Counters	6.5	Medium	2023-08-10
CVE-2023-24391	WordPress ApplyOnline – Application Form Builder and Manager Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS) — ApplyOnline	5.9	Medium	2023-08-10
CVE-2023-23828	WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) — WP Category Post List Widget	6.5	Medium	2023-08-10
CVE-2023-36530	WordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to Cross Site Scripting (XSS) — SP Project & Document Manager	5.9	Medium	2023-08-10
CVE-2023-30481	WordPress AGP Font Awesome Collection Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS) — AGP Font Awesome Collection	7.1	High	2023-08-10
CVE-2023-23900	WordPress Easy Forms for Mailchimp Plugin <= 6.8.8 is vulnerable to Cross Site Scripting (XSS) — Easy Forms for Mailchimp	5.8	Medium	2023-08-10
CVE-2023-34374	WordPress AnsPress – Question and answer Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS) — AnsPress	5.9	Medium	2023-08-10
CVE-2023-4283	EmbedPress <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more	6.4	Medium	2023-08-10
CVE-2023-37988	WordPress Contact Form Generator Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS) — Contact Form Generator	7.1	High	2023-08-10
CVE-2023-23871	WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS) — Button	5.9	Medium	2023-08-10
CVE-2023-24009	WordPress Upfrontwp Theme <= 1.1 is vulnerable to Cross Site Scripting (XSS) — Upfrontwp	6.5	Medium	2023-08-10
CVE-2023-23798	WordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Scripting (XSS) — Layer Slider	6.5	Medium	2023-08-10

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21573 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21573