Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-1075 College Website Management System Contact cross site scripting — College Website Management System 3.5 Low2022-03-29
CVE-2022-0818 Coupon Affiliates < 4.16.4.5 - Unauthenticated Stored XSS — WooCommerce Affiliate Plugin – Coupon Affiliates 6.1 -2022-03-28
CVE-2022-0680 Plezi < 1.0.3 - Unauthenticated Stored XSS — Plezi 6.1 -2022-03-28
CVE-2022-0647 Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting — Bulk Creator 6.1 -2022-03-28
CVE-2022-0643 Bank Mellat <= 1.3.7 - Reflected Cross-Site Scripting — Bank Mellat 6.1 -2022-03-28
CVE-2022-0641 Popup Like box < 3.6.1 - Reflected Cross-Site Scripting — Popup Like box – Page Plugin 6.1 -2022-03-28
CVE-2022-0621 dTabs <= 1.4 - Reflected Cross-Site Scripting — dTabs 6.1 -2022-03-28
CVE-2022-0620 Delete Old Orders <= 0.2 - Reflected Cross-Site Scripting — Delete Old Orders 6.1 -2022-03-28
CVE-2022-0619 Database Peek <= 1.2 - Reflected Cross-Site Scripting — Database Peek 6.1 -2022-03-28
CVE-2022-0600 Conference Scheduler < 2.4.3 - Reflected Cross-Site Scripting — Conference Scheduler 6.1 -2022-03-28
CVE-2022-0599 Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting — Mapping multiple URLs redirect same page 6.1 -2022-03-28
CVE-2022-0595 Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS — Drag and Drop Multiple File Upload – Contact Form 7 5.4 -2022-03-28
CVE-2022-0397 WPC Smart Wishlist for WooCommerce < 2.9.4 - Reflected Cross-Site Scripting — WPC Smart Wishlist for WooCommerce 5.4 -2022-03-28
CVE-2022-0388 Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS — Interactive Medical Drawing of Human Body 4.8 -2022-03-28
CVE-2021-25071 Akismet Privacy Policies <= 2.0.1 - Reflected Cross-Site Scripting — Akismet Privacy Policies 6.1 -2022-03-28
CVE-2021-25012 Pz-LinkCard <= 2.4.4.4 - Reflected Cross-Site Scripting — Pz-LinkCard 6.1 -2022-03-28
CVE-2021-24746 Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting — Social Sharing Plugin – Sassy Social Share 6.1 -2022-03-28
CVE-2021-20323 Red Hat Keycloak 跨站脚本漏洞 — keycloak-services 6.1 -2022-03-25
CVE-2022-25612 WordPress Simple Event Planner plugin <= 1.5.4 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Simple Event Planner (WordPress plugin) 4.1 Medium2022-03-25
CVE-2022-25611 WordPress Simple Event Planner plugin <= 1.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Simple Event Planner (WordPress plugin) 4.1 Medium2022-03-25
CVE-2022-25610 WordPress Simple Ajax Chat plugin <= 20220115 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability — Simple Ajax Chat (WordPress plugin) 3.4 Low2022-03-25
CVE-2022-25606 WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — WP-DownloadManager (WordPress) 4.8 Medium2022-03-25
CVE-2022-0955 Cross-site Scripting (XSS) - Stored in pimcore/data-hub — pimcore/data-hub 5.4 -2022-03-24
CVE-2022-0145 Cross-site Scripting (XSS) - Stored in forkcms/forkcms — forkcms/forkcms 5.4 -2022-03-24
CVE-2022-0750 Photoswipe Masonry Gallery <= 1.2.14 Stored Cross-Site Scripting — Photoswipe Masonry Gallery 6.4 Medium2022-03-23
CVE-2022-0834 Amelia <= 1.0.46 - Stored Cross Site Scripting via lastName — Booking for Appointments and Events Calendar – Amelia 7.2 High2022-03-23
CVE-2022-0889 Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting — Ninja Forms - File Uploads 7.2 High2022-03-23
CVE-2022-25609 WordPress Yoo Slider plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability — Yoo Slider – Image Slider & Video Slider (WordPress plugin) 5.4 Medium2022-03-23
CVE-2022-0858 Cross-site scripting vulnerability in ePO — McAfee ePolicy Orchestrator (ePO) 4.3 Medium2022-03-23
CVE-2022-0857 ePO Reflected Cross-site scripting vulnerability — McAfee ePolicy Orchestrator (ePO) 5.4 Medium2022-03-23

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.