Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21546

21546 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-22679 WordPress WP Better Emails Plugin <= 0.4 is vulnerable to Cross Site Scripting (XSS) — WP Better Emails 5.9 Medium2023-03-20
CVE-2023-23718 WordPress Page Loading Effects Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) — Page Loading Effects 5.9 Medium2023-03-20
CVE-2023-24381 WordPress Advanced Social Pixel Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS) — Advanced Social Pixel 5.9 Medium2023-03-20
CVE-2023-25064 WordPress WP htpasswd Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) — WP htpasswd 5.9 Medium2023-03-20
CVE-2023-25794 WordPress Nooz Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) — Nooz 5.9 Medium2023-03-20
CVE-2023-25795 WordPress Feed Changer Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS) — Feed Changer & Remover 5.9 Medium2023-03-20
CVE-2023-1507 SourceCodester E-Commerce System Category Name controller.php cross site scripting — E-Commerce System 3.5 Low2023-03-20
CVE-2023-25782 WordPress Service Area Postcode Checker Plugin <= 2.0.8 is vulnerable to Cross Site Scripting (XSS) — Service Area Postcode Checker 5.9 Medium2023-03-20
CVE-2023-1248 Possible XSS in Ticket Actions — OTRS 6.1 Medium2023-03-20
CVE-2023-1515 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2023-03-20
CVE-2023-1517 Cross-site Scripting (XSS) - DOM in pimcore/pimcore — pimcore/pimcore 5.4 -2023-03-20
CVE-2023-1500 code-projects Simple Art Gallery adminHome.php cross site scripting — Simple Art Gallery 3.5 Low2023-03-19
CVE-2023-1496 Cross-site Scripting (XSS) - Reflected in imgproxy/imgproxy — imgproxy/imgproxy 6.1 -2023-03-19
CVE-2023-1485 SourceCodester Young Entrepreneur E-Negosyo System GET Parameter index.php cross site scripting — Young Entrepreneur E-Negosyo System 3.5 Low2023-03-18
CVE-2023-1481 SourceCodester Monitoring of Students Cyber Accounts System POST Parameter cross site scripting — Monitoring of Students Cyber Accounts System 3.5 Low2023-03-18
CVE-2023-27592 Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler — v2 4.8 Medium2023-03-17
CVE-2023-25172 Discourse vulnerable to Cross-site Scripting - user name displayed on post — discourse 4.4 Medium2023-03-17
CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts — discourse 6.5 Medium2023-03-17
CVE-2022-45817 WordPress GC Testimonials Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) — GC Testimonials 5.4 Medium2023-03-17
CVE-2022-45814 WordPress WP Calendar Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) — WP Calendar 5.4 Medium2023-03-17
CVE-2022-43461 WordPress Slideshow SE Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS) — Slideshow SE 4.8 Medium2023-03-17
CVE-2023-1470 eCommerce Product Catalog plugin for WordPress <= 3.3.8 - Authenticated (Administrator+) Stored Cross-Site Scripting — eCommerce Product Catalog Plugin for WordPress 4.4 Medium2023-03-17
CVE-2023-1447 SourceCodester Medicine Tracker System cross site scripting — Medicine Tracker System 3.5 Low2023-03-17
CVE-2023-27494 Streamlit Cross-site Scripting vulnerability — streamlit 5.9 Medium2023-03-16
CVE-2023-28106 Pimcore vulnerable to Cross-site Scripting in UrlSlug Data type — pimcore 6.1 Medium2023-03-16
CVE-2021-36821 WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability — Forminator 7.1 High2023-03-16
CVE-2022-41554 WordPress Slideshow SE Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS) — Slideshow SE 4.8 Medium2023-03-16
CVE-2022-40699 WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS) — Yasr – Yet Another Stars Rating 5.4 Medium2023-03-16
CVE-2022-38971 WordPress BuddyForms Plugin <= 2.7.5 is vulnerable to Cross Site Scripting (XSS) — Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions 4.7 Medium2023-03-16
CVE-2023-1429 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore — pimcore/pimcore 5.4 -2023-03-16

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21546 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.