CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21550

21550 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-29170	WordPress Product Enquiry for WooCommerce Plugin <= 2.2.12 is vulnerable to Cross Site Scripting (XSS) — Product Enquiry for WooCommerce, WooCommerce product catalog	5.9	Medium	2023-04-07
CVE-2023-29171	WordPress Magic Post Thumbnail Plugin <= 4.1.10 is vulnerable to Cross Site Scripting (XSS) — Magic Post Thumbnail	7.1	High	2023-04-07
CVE-2023-29172	WordPress PropertyHive Plugin <= 1.5.46 is vulnerable to Cross Site Scripting (XSS) — PropertyHive	7.1	High	2023-04-07
CVE-2023-28789	WordPress Contact Forms by Cimatti Plugin <= 1.5.4 is vulnerable to Cross Site Scripting (XSS) — WordPress Contact Forms by Cimatti	7.1	High	2023-04-07
CVE-2023-28781	WordPress Contact Forms by Cimatti Plugin <= 1.5.4 is vulnerable to Cross Site Scripting (XSS) — WordPress Contact Forms by Cimatti	7.1	High	2023-04-07
CVE-2023-28792	WordPress Continuous Image Carousel With Lightbox Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS) — Continuous Image Carousel With Lightbox	7.1	High	2023-04-07
CVE-2023-27620	WordPress Robo Gallery Plugin <= 3.2.12 is vulnerable to Cross Site Scripting (XSS) — Photo Gallery, Images, Slider in Rbs Image Gallery	6.5	Medium	2023-04-07
CVE-2023-25442	WordPress Zeno Font Resizer Plugin <= 1.7.9 is vulnerable to Cross Site Scripting (XSS) — Zeno Font Resizer	5.9	Medium	2023-04-07
CVE-2023-23799	WordPress Easy Panorama Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS) — Easy Panorama	5.9	Medium	2023-04-07
CVE-2022-43914	IBM TRIRIGA Application Platform cross-site scripting — TRIRIGA Application Platform	4.6	Medium	2023-04-07
CVE-2023-29094	WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.20 is vulnerable to Cross Site Scripting (XSS) — Product page shipping calculator for WooCommerce	5.9	Medium	2023-04-07
CVE-2023-25713	WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) — Quick Paypal Payments	7.1	High	2023-04-07
CVE-2023-25702	WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) — Quick Paypal Payments	5.9	Medium	2023-04-07
CVE-2023-25705	WordPress WP Prayer Plugin <= 1.9.6 is vulnerable to Cross Site Scripting (XSS) — WP Prayer	5.9	Medium	2023-04-07
CVE-2023-25712	WordPress Opt-Out for Google Analytics Plugin <= 2.3.4 is vulnerable to Cross Site Scripting (XSS) — Google Analytics Opt-Out	5.9	Medium	2023-04-07
CVE-2023-25711	WordPress WPGlobus Translate Options Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS) — WPGlobus Translate Options	5.8	Medium	2023-04-07
CVE-2023-1726	XSS in Proliz OBS — OBS	5.4	Medium	2023-04-07
CVE-2023-25464	WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS) — Twitch Player	5.9	Medium	2023-04-07
CVE-2023-25716	WordPress Announce from the Dashboard Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS) — Announce from the Dashboard	5.9	Medium	2023-04-07
CVE-2023-23994	WordPress Auto Hide Admin Bar Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) — Auto Hide Admin Bar	5.9	Medium	2023-04-07
CVE-2023-23885	WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS) — Quick Contact Form	6.5	Medium	2023-04-07
CVE-2023-28993	WordPress Albo Pretorio Online Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS) — Albo Pretorio On line	7.1	High	2023-04-07
CVE-2023-29236	WordPress Outdoor Theme <= 3.9.6 is vulnerable to Cross Site Scripting (XSS) — Outdoor	7.1	High	2023-04-07
CVE-2023-25041	WordPress Monolit Theme <= 2.0.6 is vulnerable to Cross Site Scripting (XSS) — Monolit	7.1	High	2023-04-07
CVE-2023-25049	WordPress eCommerce Product Catalog Plugin <= 3.3.4 is vulnerable to Cross Site Scripting (XSS) — eCommerce Product Catalog Plugin for WordPress	5.9	Medium	2023-04-07
CVE-2023-25020	WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and Newsletter	7.1	High	2023-04-07
CVE-2023-25031	WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and Newsletter	5.9	Medium	2023-04-07
CVE-2023-25024	WordPress Icegram Collect plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS) — Icegram Collect	5.9	Medium	2023-04-07
CVE-2023-25027	WordPress Chained Quiz Plugin <= 1.3.2.5 is vulnerable to Cross Site Scripting (XSS) — Chained Quiz	5.9	Medium	2023-04-07
CVE-2023-25022	WordPress Watu Quiz Plugin <= 3.3.8 is vulnerable to Cross Site Scripting (XSS) — Watu Quiz	5.9	Medium	2023-04-07

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21550 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21550