Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21570

21570 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-23811 WordPress Smoothscroller Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) — Smoothscroller 5.9 Medium2023-06-22
CVE-2023-23807 WordPress MojoPlug Slide Panel Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) — MojoPlug Slide Panel 5.9 Medium2023-06-22
CVE-2023-28778 WordPress Pagination by BestWebSoft Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS) — Pagination 5.9 Medium2023-06-22
CVE-2023-28776 WordPress Continuous Image Carousel With Lightbox Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS) — Continuous Image Carousel With Lightbox 7.1 High2023-06-22
CVE-2023-28750 WordPress Albo Pretorio Online Plugin <= 4.6 is vulnerable to Cross Site Scripting (XSS) — Albo Pretorio On line 7.1 High2023-06-22
CVE-2023-28784 WordPress Contest Gallery Plugin <= 21.1.2 is vulnerable to Cross Site Scripting (XSS) — Contest Gallery 7.1 High2023-06-22
CVE-2023-35090 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS) — MasterStudy LMS WordPress Plugin – for Online Courses and Education 6.5 Medium2023-06-22
CVE-2023-31213 WordPress WPBakery Page Builder Plugin < 6.13.0 is vulnerable to Cross Site Scripting (XSS) — WPBakery Page Builder 6.5 Medium2023-06-22
CVE-2023-28695 WordPress VigilanTor Plugin <= 1.3.10 is vulnerable to Cross Site Scripting (XSS) — VigilanTor 5.9 Medium2023-06-22
CVE-2023-27618 WordPress Store Locator WordPress Plugin <= 1.4.9 is vulnerable to Cross Site Scripting (XSS) — Store Locator WordPress 5.9 Medium2023-06-22
CVE-2023-28534 WordPress WP Job Portal Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) — WP Job Portal – A Complete Job Board 6.5 Medium2023-06-22
CVE-2023-28496 WordPress SMTP2GO Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS) — SMTP2GO – Email Made Easy 5.9 Medium2023-06-22
CVE-2023-28423 WordPress Modern Footnotes Plugin <= 1.4.15 is vulnerable to Cross Site Scripting (XSS) — Modern Footnotes 5.9 Medium2023-06-22
CVE-2023-28166 WordPress Tags Cloud Manager Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) — Tags Cloud Manager 7.1 High2023-06-22
CVE-2023-28171 WordPress Brilliance Theme <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) — Brilliance 5.4 Medium2023-06-22
CVE-2023-27612 WordPress Site Reviews Plugin <= 6.5.1 is vulnerable to Cross Site Scripting (XSS) — Site Reviews 6.5 Medium2023-06-22
CVE-2023-27629 WordPress Site Reviews Plugin <= 6.5.1 is vulnerable to Cross Site Scripting (XSS) — Site Reviews 6.5 Medium2023-06-22
CVE-2023-27413 WordPress W4 Post List Plugin <= 2.4.4 is vulnerable to Cross Site Scripting (XSS) — W4 Post List 6.5 Medium2023-06-22
CVE-2023-27631 WordPress Daily Prayer Time Plugin <= 2023.05.04 is vulnerable to Cross Site Scripting (XSS) — Daily Prayer Time 6.5 Medium2023-06-22
CVE-2019-25152 Abandoned Cart Lite for WooCommerce < 5.2.0 and Abandoned Cart Pro for WooCommerce < 7.13.0 - Stored Cross-Site Scripting — Abandoned Cart Lite for WooCommerce 7.2 High2023-06-22
CVE-2023-35131 Moodle: xss risk on groups page 6.1 Medium2023-06-22
CVE-2023-27414 WordPress Popup box Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS) — Popup box 7.1 High2023-06-21
CVE-2023-27429 WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS) — Jetpack CRM 5.9 Medium2023-06-21
CVE-2023-27432 WordPress Manage Upload Limit Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) — Manage Upload Limit 7.1 High2023-06-21
CVE-2023-27439 WordPress New Adman Plugin <= 1.6.8 is vulnerable to Cross Site Scripting (XSS) — New Adman 5.9 Medium2023-06-21
CVE-2023-27450 WordPress Leyka Plugin <= 3.29.2 is vulnerable to Cross Site Scripting (XSS) — Leyka 7.1 High2023-06-21
CVE-2023-27443 WordPress Simple Vimeo Shortcode Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS) — Simple Vimeo Shortcode 6.5 Medium2023-06-21
CVE-2023-35095 WordPress Flo Forms Plugin <= 1.0.40 is vulnerable to Cross Site Scripting (XSS) — Flo Forms – Easy Drag & Drop Form Builder 5.9 Medium2023-06-20
CVE-2023-35097 WordPress WP Affiliate Links Plugin <= 0.1.1 is vulnerable to Cross Site Scripting (XSS) — WP Affiliate Links 7.1 High2023-06-20
CVE-2023-35098 WordPress NextGen GalleryView Plugin <= 0.5.5 is vulnerable to Cross Site Scripting (XSS) — WordPress NextGen GalleryView 7.1 High2023-06-20

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21570 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.