Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21532

21532 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-34853 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Team (WordPress plugin) 4.1 Medium2022-07-22
CVE-2022-33191 WordPress Testimonials plugin <= 3.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Testimonials (WordPress plugin) 4.1 Medium2022-07-22
CVE-2022-2510 Potential XSS on Special:SearchCenter — BlueSpice 4.3 Medium2022-07-22
CVE-2022-2511 Potential XSS in title URL parameter — BlueSpice 4.3 Medium2022-07-22
CVE-2022-2470 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweber 6.1 -2022-07-22
CVE-2022-2495 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 4.8 -2022-07-22
CVE-2022-2494 Cross-site Scripting (XSS) - Stored in openemr/openemr — openemr/openemr 5.4 -2022-07-22
CVE-2022-30536 WordPress WP Maintenance plugin <= 6.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — WP Maintenance (WordPress plugin) 3.4 Low2022-07-21
CVE-2022-29923 WordPress Quick Restaurant Reservations plugin <= 1.4.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability — Quick Restaurant Reservations (WordPress plugin) 5.9 Medium2022-07-20
CVE-2021-36849 WordPress Social Media Share Buttons plugin <= 3.8.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Social Media Share Buttons | MashShare (WordPress plugin) 3.4 Low2022-07-20
CVE-2022-2199 ICSA-22-200-01 MiCODUS MV720 GPS tracker Cross-site Scripting — MV720 7.5 High2022-07-20
CVE-2022-31160 jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label — jquery-ui 6.1 Medium2022-07-20
CVE-2022-27545 HCL BigFix Web Reports authorized users may perform HTML injection. — HCL BigFix 4.6 Medium2022-07-19
CVE-2022-2101 Download Manager <= 3.2.46 - Contributor+ Cross-Site Scripting — Download Manager 6.4 Medium2022-07-18
CVE-2022-2194 Accept Stripe Payments < 2.0.64 - Admin+ Stored Cross-Site Scripting — Accept Stripe Payments 4.8 -2022-07-17
CVE-2022-2187 Contact Form 7 Captcha < 0.1.2 - Reflected Cross-Site Scripting — Contact Form 7 Captcha 6.1 -2022-07-17
CVE-2022-2186 Simple Post Notes < 1.7.6 - Admin+ Stored Cross-Site Scripting — Simple Post Notes 4.8 -2022-07-17
CVE-2022-2173 Advanced Database Cleaner < 3.1.1 - Reflected Cross-Site Scripting — Advanced Database Cleaner 6.1 -2022-07-17
CVE-2022-2169 Loading Page with Loading Screen < 1.0.83 - Admin+ Stored Cross-Site Scripting — Loading Page with Loading Screen 4.8 -2022-07-17
CVE-2022-2168 Download Manager < 3.2.44 - Reflected Cross-Site Scripting — Download Manager 6.1 -2022-07-17
CVE-2022-2151 Best Contact Management Software <= 3.7.3 - Admin+ Stored Cross-Site Scripting — Best Contact Management Software for WordPress 4.8 -2022-07-17
CVE-2022-2149 Very Simple Breadcrumb <= 1.0 - Admin+ Stored Cross-Site Scripting — Very Simple Breadcrumb 4.8 -2022-07-17
CVE-2022-2148 LinkedIn Company Updates <= 1.5.3 - Admin+ Stored Cross-Site Scripting — LinkedIn Company Updates 4.8 -2022-07-17
CVE-2022-2118 404s < 3.5.1 - Admin+ Stored Cross-Site Scripting — 404s 4.8 -2022-07-17
CVE-2022-2114 Data Tables Generator by Supsystic < 1.10.20 - Admin+ Stored Cross-Site Scripting — Data Tables Generator by Supsystic 4.8 -2022-07-17
CVE-2022-2100 Page Generator Plugin < 1.6.5 - Admin+ Stored Cross-Site Scripting — Page Generator 4.8 -2022-07-17
CVE-2022-2090 Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting — Discount Rules for WooCommerce 6.1 -2022-07-17
CVE-2022-1933 CDI < 5.1.9 - Reflected Cross-Site-Scripting — CDI – Collect and Deliver Interface for Woocommerce 6.1 -2022-07-17
CVE-2022-25869 Angular 跨站脚本漏洞 — angular 4.2 Medium2022-07-15
CVE-2022-23201 Adobe RoboHelp Reflected XSS could lead to Arbitrary code execution — RoboHelp 6.1 -2022-07-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.