Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21550

21550 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-25023 WordPress WebinarIgnition Plugin <= 2.14.2 is vulnerable to Cross Site Scripting (XSS) — Webinar ignition 5.9 Medium2023-04-07
CVE-2023-25046 WordPress Podlove Podcast Publisher Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS) — Podlove Podcast Publisher 5.9 Medium2023-04-07
CVE-2023-24398 WordPress EZP Coming Soon Page Plugin <= 1.0.7.3 is vulnerable to Cross Site Scripting (XSS) — EZP Coming Soon Page 5.9 Medium2023-04-07
CVE-2023-24402 WordPress WP Booking System Plugin <= 2.0.18 is vulnerable to Cross Site Scripting (XSS) — WP Booking System – Booking Calendar 5.9 Medium2023-04-07
CVE-2023-25059 WordPress avalex Plugin <= 3.0.3 is vulnerable to Cross Site Scripting (XSS) — avalex – Automatically secure legal texts 5.9 Medium2023-04-07
CVE-2023-25061 WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and Newsletter 6.5 Medium2023-04-07
CVE-2014-125094 phpMiniAdmin cross site scripting — phpMiniAdmin 3.5 Low2023-04-06
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames — goobi-viewer-core 6.1 Medium2023-04-06
CVE-2023-29015 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments — goobi-viewer-core 6.1 Medium2023-04-06
CVE-2023-29014 Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter — goobi-viewer-core 6.1 Medium2023-04-06
CVE-2023-1913 Maps Widget for Google Maps <= 4.24 - Authenticated (Administrator+) Stored Cross-Site Scripting — Maps Widget for Google Maps 4.4 Medium2023-04-06
CVE-2023-1912 Limit Login Attempts <= 1.7.1 - Unauthenticated Stored Cross-Site Scripting — Limit Login Attempts 7.2 High2023-04-06
CVE-2023-25062 WordPress Pinpoint Booking System Plugin <= 2.9.9.2.8 is vulnerable to Cross Site Scripting (XSS) — Pinpoint Booking System 5.9 Medium2023-04-06
CVE-2023-23891 WordPress Ocean Extra Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS) — Ocean Extra 5.5 Medium2023-04-06
CVE-2023-24378 WordPress Glossary Plugin <= 2.1.27 is vulnerable to Cross Site Scripting (XSS) — Glossary 6.5 Medium2023-04-06
CVE-2023-24374 WordPress Material Design Icons for Page Builders Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS) — Material Design Icons for Page Builders 6.5 Medium2023-04-06
CVE-2023-24396 WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.11 is vulnerable to Cross Site Scripting (XSS) — VikBooking Hotel Booking Engine & PMS 5.9 Medium2023-04-06
CVE-2023-24387 WordPress Organization chart Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) — Organization chart 5.9 Medium2023-04-06
CVE-2023-24411 WordPress BNE Testimonials Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) — BNE Testimonials 6.5 Medium2023-04-06
CVE-2023-24403 WordPress bbPress Voting Plugin <= 2.1.11.0 is vulnerable to Cross-Site Scripting (XSS) — bbPress Voting 5.9 Medium2023-04-06
CVE-2023-24383 WordPress Namaste! LMS Plugin <= 2.5.9.1 is vulnerable to Cross Site Scripting (XSS) — Namaste! LMS 5.9 Medium2023-04-06
CVE-2023-23898 WordPress Blocksy Companion Plugin <= 1.8.67 is vulnerable to Cross Site Scripting (XSS) — Blocksy Companion 5.5 Medium2023-04-06
CVE-2023-24003 WordPress WP Popups Plugin <= 2.1.4.8 is vulnerable to Cross Site Scripting (XSS) — WP Popups – WordPress Popup builder 6.5 Medium2023-04-06
CVE-2023-24002 WordPress YouTube Embed, Playlist and Popup by WpDevArt Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS) — YouTube Embed, Playlist and Popup by WpDevArt 5.9 Medium2023-04-06
CVE-2023-24004 WordPress Image and Video Lightbox, Image PopUp Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS) — Image and Video Lightbox, Image PopUp 5.9 Medium2023-04-06
CVE-2023-24006 WordPress WP Terms Popup – Terms and Conditions and Privacy Policy WordPress Popups Plugin <= 2.6.0 is vulnerable to Cross Site Scripting (XSS) — WP Terms Popup 5.9 Medium2023-04-06
CVE-2023-24001 WordPress Modal Dialog Plugin <= 3.5.9 is vulnerable to Cross Site Scripting (XSS) — Modal Dialog 5.9 Medium2023-04-06
CVE-2023-23996 WordPress ProfilePress Plugin <= 4.5.3 is vulnerable to Cross Site Scripting (XSS) — ProfilePress 5.9 Medium2023-04-06
CVE-2023-23998 WordPress VikRentCar Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) — VikRentCar Car Rental Management System 5.9 Medium2023-04-06
CVE-2023-23980 WordPress MailOptin Plugin <= 1.2.54.0 is vulnerable to Cross Site Scripting (XSS) — MailOptin 5.9 Medium2023-04-06

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21550 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.