Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21550

21550 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-23972 WordPress Social Like Box and Page by WpDevArt Plugin <= 0.8.39 is vulnerable to Cross Site Scripting (XSS) — Social Like Box and Page by WpDevArt 5.9 Medium2023-04-06
CVE-2023-23987 WordPress User Registration Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS) — User Registration 5.9 Medium2023-04-06
CVE-2023-23979 WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS) — Quick Event Manager 7.1 High2023-04-06
CVE-2023-23971 WordPress WP Time Slots Booking Form Plugin <= 1.1.81 is vulnerable to Cross Site Scripting (XSS) — WP Time Slots Booking Form 5.9 Medium2023-04-06
CVE-2023-23815 WordPress Multi-column Tag Map Plugin <= 17.0.24 is vulnerable to Cross Site Scripting (XSS) — Multi-column Tag Map 6.5 Medium2023-04-06
CVE-2023-23982 WordPress WPFrom Email Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS) — WPFrom Email 5.9 Medium2023-04-06
CVE-2023-23981 WordPress Conversational Forms for ChatBot Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS) — Conversational Forms for ChatBot 5.9 Medium2023-04-06
CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration — glpi 4.8 Medium2023-04-05
CVE-2023-28636 GLPI vulnerable to stored Cross-site Scripting in external links — glpi 4.5 Medium2023-04-05
CVE-2023-1869 YourChannel <= 1.2.5 - Authenticated (Administrator+) Stored Cross-Site Scripting — YourChannel: Everything you want in a YouTube plugin. 5.5 Medium2023-04-05
CVE-2013-10022 BestWebSoft Contact Form Plugin contact_form.php cntctfrm_check_form cross site scripting — Contact Form Plugin 3.5 Low2023-04-05
CVE-2023-1860 Keysight IXIA Hawkeye licenses cross site scripting — IXIA Hawkeye 3.5 Low2023-04-05
CVE-2023-1857 SourceCodester Online Computer and Laptop Store cross site scripting — Online Computer and Laptop Store 2.4 Low2023-04-05
CVE-2023-1853 SourceCodester Online Payroll System employee_edit.php cross site scripting — Online Payroll System 3.5 Low2023-04-05
CVE-2023-1852 SourceCodester Online Payroll System deduction_edit.php cross site scripting — Online Payroll System 3.5 Low2023-04-05
CVE-2023-1851 SourceCodester Online Payroll System employee_add.php cross site scripting — Online Payroll System 3.5 Low2023-04-05
CVE-2023-26536 WordPress Sp*tify Play Button for WordPress Plugin <= 2.05 is vulnerable to Cross Site Scripting (XSS) — Sp*tify Play Button for WordPress 6.5 Medium2023-04-05
CVE-2023-28639 GLPI vulnerable to reflected Cross-site Scripting in search pages — glpi 6.1 Medium2023-04-05
CVE-2023-1892 Cross-site Scripting (XSS) - Reflected in sidekiq/sidekiq — sidekiq/sidekiq 6.1 -2023-04-05
CVE-2023-1756 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 4.7 Medium2023-04-05
CVE-2023-1757 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2023-04-05
CVE-2023-1878 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2023-04-05
CVE-2023-1879 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2023-04-05
CVE-2023-1880 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq — thorsten/phpmyfaq 6.1 -2023-04-05
CVE-2023-1881 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 4.8 -2023-04-05
CVE-2023-1882 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2023-04-05
CVE-2023-1884 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq — thorsten/phpmyfaq 5.4 -2023-04-05
CVE-2023-1885 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq — thorsten/phpmyfaq 6.3 Medium2023-04-05
CVE-2023-20068 Cisco Prime Infrastructure Reflected Cross-Site Scripting Vulnerability — Cisco Prime Infrastructure 6.1 -2023-04-05
CVE-2023-20096 Cisco Unified Contact Center Express Stored Cross-Site Scripting Vulnerability — Cisco Unified Contact Center Express 5.4 Medium2023-04-05

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21550 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.