Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21531

21531 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-29443 WordPress Hotel Booking plugin <= 3.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — Hotel Booking (WordPress plugin) 4.1 Medium2022-06-15
CVE-2016-6556 OpenNMS Stored XSS via SNMP Agent Data — OpenNMS 7.1 High2022-06-15
CVE-2016-6555 OpenNMS Stored XSS via SNMP Trap Alerts — OpenNMS 7.1 High2022-06-15
CVE-2022-29442 Private Messages For WordPress <= 2.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Private Messages For WordPress (WordPress plugin) 5.4 Medium2022-06-15
CVE-2022-29440 WordPress Promotion Slider plugin <= 3.3.4 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — Promotion Slider (WordPress plugin) 5.4 Medium2022-06-15
CVE-2022-29438 WordPress Image Slider by NextCode plugin <= 1.1.2 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — Image Slider by NextCode – Photo & Video SLider (WordPress plugin) 4.8 Medium2022-06-15
CVE-2022-29406 WordPress Team Manager plugin <= 1.6.9 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — WordPress Team Manager (WordPress plugin) 4.1 Medium2022-06-15
CVE-2022-27859 WordPress Travel Management plugin <= 2.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — Travel Management (WordPress plugin) 4.1 Medium2022-06-15
CVE-2022-2087 SourceCodester Bank Management System cross site scripting — Bank Management System 3.5 Low2022-06-15
CVE-2021-36901 WordPress Age Gate plugin <= 2.17.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability — Age Gate (WordPress plugin) 6.1 Medium2022-06-15
CVE-2022-31048 Cross-Site Scripting in Form Framework — typo3 5.4 Medium2022-06-14
CVE-2022-31049 Cross-Site Scripting in Frontend Login Mailer — typo3 5.4 Medium2022-06-14
CVE-2022-31059 Discourse Calendar Event names susceptible to Cross-site Scripting — discourse-calendar 6.5 Medium2022-06-14
CVE-2022-29618 SAP NetWeaver Development Infrastructure 跨站脚本漏洞 — SAP NetWeaver Development Infrastructure (Design Time Repository) 6.1 -2022-06-14
CVE-2022-32286 Siemens Mendix SAML Module 跨站脚本漏洞 — Mendix SAML Module (Mendix 7 compatible) 6.1 -2022-06-14
CVE-2022-32145 Siemens Teamcenter Active Workspace 跨站脚本漏洞 — Teamcenter Active Workspace V5.2 6.1 -2022-06-14
CVE-2022-29034 Siemens SINEMA Remote Connect Server跨站脚本漏洞 — SINEMA Remote Connect Server 6.1 Medium2022-06-14
CVE-2022-2079 Cross-site Scripting (XSS) - Stored in nocodb/nocodb — nocodb/nocodb 5.4 -2022-06-14
CVE-2022-29455 WordPress Elementor plugin <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting (XSS) vulnerability — Elementor Website Builder (WordPress plugin) 4.7 Medium2022-06-13
CVE-2022-1750 Sticky Popup <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting — Sticky Popup 5.5 Medium2022-06-13
CVE-2022-1961 Google Tag Manager for WordPress (GTM4WP) <= 1.15.1 - Stored Cross-Site Scripting via Content Element ID — GTM4WP – A Google Tag Manager (GTM) plugin for WordPress 5.5 Medium2022-06-13
CVE-2022-0209 Mitsol Social Post Feed < 1.11 - Admin+ Stored Cross-Site Scripting — Mitsol Social Post Feed 4.8 -2022-06-13
CVE-2022-1820 Keep Backup Daily <= 2.0.2 - Reflected Cross-Site Scripting — Keep Backup Daily 6.1 Medium2022-06-13
CVE-2022-1707 Google Tag Manager for WordPress <= 1.15 - Reflected Cross-Site Scripting via Site Search — GTM4WP – A Google Tag Manager (GTM) plugin for WordPress 6.1 Medium2022-06-13
CVE-2022-1985 Download Manager <= 3.2.42 - Reflected Cross-Site Scripting — Download Manager 6.1 Medium2022-06-13
CVE-2022-1208 Ultimate Member <= 2.3.2 - Stored Cross-Site Scripting — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 6.4 Medium2022-06-13
CVE-2022-1814 WP Admin Style <= 0.1.2 - Admin+ Stored Cross-Site Scripting — WP Admin Style 4.8 -2022-06-13
CVE-2022-1773 WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting — WP Athletics 6.1 -2022-06-13
CVE-2022-1772 Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting — Google Places Reviews 6.9 -2022-06-13
CVE-2022-1756 Newsletter < 7.4.5 - Reflected Cross-Site Scripting — Newsletter – Send awesome emails from WordPress 6.1 -2022-06-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.