Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-25089 UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting — UpdraftPlus WordPress Backup Plugin 6.1 -2022-02-01
CVE-2021-25085 WOOF - Products Filter for WooCommerce < 1.2.6.3 - Reflected Cross-Site Scripting — WOOF – Products Filter for WooCommerce 6.1 -2022-02-01
CVE-2021-25063 Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS) — Skins for Contact Form 7 6.1 -2022-02-01
CVE-2021-24983 Asset CleanUp < 1.3.8.5 - Reflected Cross-Site Scripting via AJAX Action — Asset CleanUp: Page Speed Booster 6.1 -2022-02-01
CVE-2021-24944 Custom Dashboard & Login Page < 7.0 - Admin+ Stored Cross-Site Scripting — Custom Dashboard & Login Page – AGCA 4.8 -2022-02-01
CVE-2021-24975 NextScripts: Social Networks Auto-Poster < 4.3.24 - Unauthenticated Stored XSS — NextScripts: Social Networks Auto-Poster 6.1 -2022-02-01
CVE-2021-24937 Asset CleanUp < 1.3.8.5 - Reflected Cross-Site Scripting — Asset CleanUp: Page Speed Booster 6.1 -2022-02-01
CVE-2021-24934 Visual CSS Style Editor < 7.5.4 - Reflected Cross-Site Scripting — Visual CSS Style Editor 6.1 -2022-02-01
CVE-2021-24900 Ninja Tables < 4.1.8 - Admin+ Stored Cross-Site Cross-Site Scripting — Ninja Tables – Best WP DataTables Plugin for WordPress 4.8 -2022-02-01
CVE-2022-23598 Reflected XSS vulnerability when rendering error messages in laminas-form — laminas-form 6.1 Medium2022-01-28
CVE-2022-0395 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-28
CVE-2022-0352 Cross-site Scripting (XSS) - Reflected in janeczku/calibre-web — janeczku/calibre-web 6.1 -2022-01-28
CVE-2021-23174 WordPress Download Monitor plugin <= 4.4.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Download Monitor 3.4 Low2022-01-28
CVE-2022-0394 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-28
CVE-2022-0348 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-27
CVE-2022-0372 Cross-site Scripting (XSS) - Stored in crater-invoice/crater — crater-invoice/crater 5.4 -2022-01-27
CVE-2022-0370 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-27
CVE-2022-0387 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-27
CVE-2022-0378 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweber 6.1 -2022-01-26
CVE-2022-0379 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 5.4 -2022-01-26
CVE-2022-0251 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-26
CVE-2022-0375 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-26
CVE-2022-0374 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 5.4 -2022-01-26
CVE-2022-23013 F5 BIG-IP 跨站脚本漏洞 — BIG-IP DNS & GTM 8.8 -2022-01-25
CVE-2021-40337 OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product — LinkOne 4.2 Medium2022-01-25
CVE-2022-0268 Cross-site Scripting (XSS) - Stored in getgrav/grav — getgrav/grav 5.4 -2022-01-25
CVE-2022-21715 Cross-site Scripting Vulnerability in CodeIgniter4 — CodeIgniter4 5.4 Medium2022-01-24
CVE-2022-21710 Cross-site Scripting in ShortDescription extension — mediawiki-extensions-ShortDescription 4.7 Medium2022-01-24
CVE-2021-25083 Registrations for the Events Calendar < 2.7.10 - Reflected Cross-Site Scripting — Registrations for the Events Calendar – Event Registration Plugin 6.1 -2022-01-24
CVE-2021-25080 Contact Form Entries < 1.1.7 - Unauthenticated Stored Cross-Site Scripting — Contact Form Entries – Contact Form 7, WPforms and more 6.1 -2022-01-24

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.