Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-0640 AP Pricing Tables Lite < 1.1.5 - Reflected Cross-Site Scripting — Pricing Table Builder – AP Pricing Tables Lite 6.1 -2022-03-21
CVE-2022-0628 AP Mega Menu < 3.0.8 - Reflected Cross-Site Scripting — Mega Menu Plugin for WordPress – AP Mega Menu 6.1 -2022-03-21
CVE-2022-0627 Amelia < 1.0.46 - Reflected Cross-Site Scripting — Amelia – Events & Appointments Booking Calendar 6.1 -2022-03-21
CVE-2022-0590 BulletProof Security < 5.8 - Admin+ Stored Cross-Site Scripting (XSS) — BulletProof Security 4.8 -2022-03-21
CVE-2022-0423 3D FlipBook < 1.12.1 - Subscriber+ Stored Cross-Site Scripting — 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery 5.4 -2022-03-21
CVE-2022-0364 Modern Events Calendar Lite < 6.4.0 - Contributor+ Stored Cross Site Scripting — Modern Events Calendar Lite 5.4 -2022-03-21
CVE-2021-25019 SEO Plugin by Squirrly SEO < 11.1.12 - Reflected Cross-Site Scripting — SEO Plugin by Squirrly SEO 6.1 -2022-03-21
CVE-2022-0475 Possible XSS attack via translation — OTRS 3.5 Low2022-03-21
CVE-2022-25605 WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — WP-DownloadManager (WordPress) 4.8 Medium2022-03-18
CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Price Table (WordPress plugin) 4.1 Medium2022-03-18
CVE-2021-23209 WordPress AMP for WP – Accelerated Mobile Pages plugin <= 1.0.77.32 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities — AMP for WP – Accelerated Mobile Pages (WordPress plugin) 4.8 Medium2022-03-18
CVE-2021-23150 WordPress AMP for WP – Accelerated Mobile Pages plugin <= 1.0.77.31 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — AMP for WP – Accelerated Mobile Pages (WordPress plugin) 4.8 Medium2022-03-18
CVE-2021-44760 WordPress WP-DownloadManager plugin <= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability — WP-DownloadManager (WordPress plugin) 4.8 Medium2022-03-18
CVE-2022-25603 WordPress MaxGalleria plugin <= 6.2.5 - Stored Cross-Site Scripting (XSS) vulnerability — MaxGalleria (WordPress plugin) 4.8 Medium2022-03-18
CVE-2022-0758 Rapid7 Nexpose Reflected XSS — Nexpose 3.3 Low2022-03-17
CVE-2021-33853 X2Engine X2CRM 跨站脚本漏洞 — X2CRM 5.4 -2022-03-16
CVE-2021-42552 Reflected XSS in Archivista — ArchivistaBox webclient 6.1 Medium2022-03-16
CVE-2022-0986 Reflected Cross-site Scripting (XSS) Vulnerability in hestiacp/hestiacp — hestiacp/hestiacp 6.1 -2022-03-16
CVE-2022-0705 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-03-16
CVE-2022-0704 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-03-16
CVE-2022-0911 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-03-16
CVE-2022-24728 Cross-site Scripting in CKEditor4 — ckeditor4 5.4 Medium2022-03-16
CVE-2022-0970 Cross-site Scripting (XSS) - Stored in getgrav/grav — getgrav/grav 5.4 -2022-03-15
CVE-2022-0964 Stored XSS viva .webmv file upload in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15
CVE-2022-0965 Stored XSS viva .ofd file upload in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15
CVE-2022-0966 Stored XSS via File Upload in star7th/showdoc in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15
CVE-2022-0967 Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15
CVE-2022-0963 Unrestricted XML Files Leads to Stored XSS in microweber/microweber — microweber/microweber 5.4 -2022-03-15
CVE-2022-0942 Stored XSS due to Unrestricted File Upload in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15
CVE-2022-0957 Stored XSS via File Upload in star7th/showdoc — star7th/showdoc 5.4 -2022-03-15

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.