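CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)). AI Chinese analysis included.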

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-2836 | CRM Perks Forms <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting — CRM Perks Forms – WordPress Form Builder | 4.4 | Medium | 2023-05-31 |
| CVE-2023-1661 | Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Display post meta, term meta, comment meta, and user meta | 6.4 | Medium | 2023-05-31 |
| CVE-2015-10107 | Simplr Registration Form Plus+ Plugin cross site scripting — Simplr Registration Form Plus+ Plugin | 3.5 | Low | 2023-05-31 |
| CVE-2014-125103 | BestWebSoft Twitter Plugin twitter.php twttr_settings_page cross site scripting — Twitter Plugin | 2.4 | Low | 2023-05-31 |
| CVE-2023-2436 | Blog-in-Blog <= 2.0.0 - Authenticated (Editor+) Stored Cross-Site Scripting via Shortcode — Blog-in-Blog | 4.4 | Medium | 2023-05-31 |
| CVE-2023-2999 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq | 5.4 | - | 2023-05-31 |
| CVE-2023-2998 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq | 5.4 | - | 2023-05-31 |
| CVE-2023-3009 | Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass — nilsteampassnet/teampass | 5.4 | - | 2023-05-31 |
| CVE-2023-3021 | Cross-site Scripting (XSS) - Stored in mkucej/i-librarian-free — mkucej/i-librarian-free | 5.4 | - | 2023-05-31 |
| CVE-2023-3020 | Cross-site Scripting (XSS) - Reflected in mkucej/i-librarian-free — mkucej/i-librarian-free | 6.1 | - | 2023-05-31 |
| CVE-2023-33962 | JStachio XSS vulnerability: Unescaped single quotes — jstachio | 5.4 | Medium | 2023-05-30 |
| CVE-2023-33961 | Leantime Stored Cross-site Scripting Vulnerability — leantime | 8.9 | High | 2023-05-30 |
| CVE-2023-2973 | SourceCodester Students Online Internship Timesheet Syste cross site scripting — Students Online Internship Timesheet Syste | 2.4 | Low | 2023-05-30 |
| CVE-2023-33186 | Cross-site scripting vulnerability in Zulip Server development branch via topic tooltip — zulip | 8.2 | High | 2023-05-30 |
| CVE-2023-32685 | Clipboard based cross-site scripting (blocked with default CSP) in Kanboard — kanboard | 4.4 | Medium | 2023-05-30 |
| CVE-2022-36244 | Multiple Stored Cross-Site Scripting Vulnerabilities on Shop Beat Services — studio | 5.4 | - | 2023-05-30 |
| CVE-2023-32072 | Tuleap vulnerable to XSS via the triggered job URL of a Jenkins job — tuleap | 4.8 | Medium | 2023-05-29 |
| CVE-2023-27613 | WordPress Forms Ada Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) — Forms Ada – Form Builder | 7.1 | High | 2023-05-29 |
| CVE-2023-23699 | WordPress Progress Bar Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) — Progress Bar | 6.5 | Medium | 2023-05-29 |
| CVE-2023-2954 | Cross-site Scripting (XSS) - Stored in liangliangyy/djangoblog — liangliangyy/djangoblog | 5.4 | - | 2023-05-29 |
| CVE-2023-33332 | WordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to Cross Site Scripting (XSS) — WooCommerce Product Vendors | 7.1 | High | 2023-05-28 |
| CVE-2023-28785 | WordPress Yoast SEO: Local Plugin <= 14.9 is vulnerable to Cross Site Scripting (XSS) — Yoast SEO: Local | 6.5 | Medium | 2023-05-28 |
| CVE-2023-32800 | WordPress Rank Math SEO PRO Plugin <= 3.0.35 is vulnerable to Cross Site Scripting (XSS) — Rank Math SEO PRO | 7.1 | High | 2023-05-28 |
| CVE-2023-33311 | WordPress Contact Form Entries Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) — Contact Form Entries | 6.5 | Medium | 2023-05-28 |
| CVE-2023-33211 | WordPress WP-Piwik Plugin <= 1.0.27 is vulnerable to Cross Site Scripting (XSS) — WP-Matomo Integration (WP-Piwik) | 5.9 | Medium | 2023-05-28 |
| CVE-2023-33319 | WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS) — WooCommerce Follow-Up Emails (AutomateWoo) | 7.1 | High | 2023-05-28 |
| CVE-2023-33328 | WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.1 is vulnerable to Cross Site Scripting (XSS) — MailChimp Subscribe Form | 5.9 | Medium | 2023-05-28 |
| CVE-2023-33326 | WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS) — EventPrime | 7.1 | High | 2023-05-28 |
| CVE-2023-33309 | WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS) — Duplicator Pro | 7.1 | High | 2023-05-28 |
| CVE-2023-32958 | WordPress Novelist Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) — Novelist | 5.9 | Medium | 2023-05-28 |

Vulnerabilities classified as CWE-79 (Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)) account for 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.