Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21573

21573 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-23880 WordPress ExactMetrics Plugin <= 7.14.1 is vulnerable to Cross Site Scripting (XSS) — ExactMetrics 6.5 Medium2023-08-08
CVE-2023-24409 WordPress WP Responsive Tabs horizontal vertical and accordion Tabs Plugin <= 1.1.15 is vulnerable to Cross Site Scripting (XSS) — WP Responsive Tabs horizontal vertical and accordion Tabs 7.1 High2023-08-08
CVE-2023-25459 WordPress Post Snippets Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) — Post Snippets 5.9 Medium2023-08-08
CVE-2023-29099 WordPress Divi Theme <= 4.20.2 is vulnerable to Cross Site Scripting (XSS) — Divi 6.5 Medium2023-08-08
CVE-2023-32503 WordPress GTmetrix for WordPress Plugin <= 0.4.6 is vulnerable to Cross Site Scripting (XSS) — GTmetrix for WordPress 7.1 High2023-08-08
CVE-2023-27412 WordPress Mocho Blog Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) — Mocho Blog 7.1 High2023-08-08
CVE-2023-27421 WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) — Everest News 7.1 High2023-08-08
CVE-2023-4203 Stored Cross-Site Scripting — EKI-1524 9.0 Critical2023-08-08
CVE-2023-27416 WordPress Decon WP SMS Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS) — Decon WP SMS 5.9 Medium2023-08-08
CVE-2023-4202 Stored Cross-Site Scripting — EKI-1524 9.0 Critical2023-08-08
CVE-2023-27422 WordPress NS Coupon to Become Customer Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS) — NS Coupon To Become Customer 5.9 Medium2023-08-08
CVE-2023-36692 WordPress WP-Cirrus Plugin <= 0.6.11 is vulnerable to Cross Site Scripting (XSS) — WP-Cirrus 5.9 Medium2023-08-08
CVE-2023-3526 PHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices — CLOUD CLIENT 1101T-TX/TX 9.6 Critical2023-08-08
CVE-2023-39437 Cross-Site Scripting (XSS) vulnerability in SAP Business One — SAP Business One 7.6 High2023-08-08
CVE-2023-37488 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Process Integration — SAP NetWeaver Process Integration 6.1 Medium2023-08-08
CVE-2023-39527 PrestaShop XSS vulnerability through Validate::isCleanHTML method — PrestaShop 8.3 High2023-08-07
CVE-2023-38045 Extension - admiror-design-studio.com - XSS in Admiror Gallery component for Joomla 5.0.0-5.2.0 — Admiror Gallery component for Joomla 6.1 -2023-08-07
CVE-2023-38392 WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS) — Custom Field Template 7.1 High2023-08-07
CVE-2023-4196 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpit 5.4 -2023-08-06
CVE-2023-37581 Apache Roller: Roller's weblog category, weblog settings and file-upload features did not properly sanitize input could be exploited to perform Reflected Cross Site Scripting (XSS) even on a Roller site configured for untrusted users. — Apache Roller 5.4 -2023-08-06
CVE-2023-4175 mooSocial mooTravel cross site scripting — mooTravel 3.5 Low2023-08-06
CVE-2023-4174 mooSocial mooStore cross site scripting — mooStore 3.5 Low2023-08-06
CVE-2023-4173 mooSocial mooStore index cross site scripting — mooStore 3.5 Low2023-08-06
CVE-2023-32600 WordPress Rank Math SEO Plugin <= 1.0.119 is vulnerable to Cross Site Scripting (XSS) — Rank Math SEO 6.5 Medium2023-08-05
CVE-2023-34010 WordPress Media Library Assistant Plugin <= 3.0.7 is vulnerable to Cross Site Scripting (XSS) — Media Library Assistant 5.8 Medium2023-08-05
CVE-2023-34377 WordPress My Content Management Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) — My Content Management 5.9 Medium2023-08-05
CVE-2023-36678 WordPress WP Content Copy Protection & No Right Click Plugin <= 3.5.5 is vulnerable to Cross Site Scripting (XSS) — WP Content Copy Protection & No Right Click 5.9 Medium2023-08-05
CVE-2023-30491 WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS) — CodeBard's Patron Button and Widgets for Patreon 7.1 High2023-08-05
CVE-2023-36686 WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS) — CartFlows Pro 7.1 High2023-08-05
CVE-2023-36689 WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS) — WPFactory Helper 7.1 High2023-08-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21573 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.