Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24932 Auto Featured Image < 3.9.3 - Reflected Cross-Site Scripting — Auto Featured Image (Auto Post Thumbnail) 6.1 -2021-12-13
CVE-2021-24925 Modern Events Calendar Lite < 6.1.5 - Reflected Cross-Site Scripting — Modern Events Calendar Lite 6.1 -2021-12-13
CVE-2021-24896 Caldera forms < 1.9.5 - Admin+ Stored Cross-Site Scripting — Caldera Forms – More Than Contact Forms 4.8 -2021-12-13
CVE-2021-24871 Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting — Get Custom Field Values 5.4 -2021-12-13
CVE-2021-24855 Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting — Display Post Metadata 5.4 -2021-12-13
CVE-2021-24817 Ultimate NoFollow <= 1.4.8 - Contributor+ Stored Cross-Site Scripting — Ultimate Nofollow 5.4 -2021-12-13
CVE-2021-24792 Shiny Buttons <= 1.1.0 - Unauthenticated Stored Cross-Site Scripting — Shiny Buttons – CSS3 Button Generator for WordPress 5.4 -2021-12-13
CVE-2021-24782 Flex Local Fonts <= 1.0.0 - Admin+ Stored Cross-Site-Scripting — Flex Local Fonts 4.8 -2021-12-13
CVE-2021-24771 Inspirational Quote Rotator <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Inspirational Quote Rotator 4.8 -2021-12-13
CVE-2021-24756 WP System Log < 1.0.21 - Unauthenticated Stored Cross-Site Scripting — WP System Log 6.1 -2021-12-13
CVE-2021-36911 WordPress Comment Engine Pro plugin <= 1.0 - Stored Cross-Site Scripting (XSS) vulnerability — Comment Engine Pro (WordPress plugin) 4.8 Medium2021-12-10
CVE-2021-4084 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2021-12-10
CVE-2021-4081 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore — pimcore/pimcore 5.4 -2021-12-10
CVE-2021-4038 NSM vulnerable to XSS — McAfee Network Security Manager (NSM) 4.8 Medium2021-12-09
CVE-2021-23860 Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS — BVMS 5.0 Medium2021-12-08
CVE-2021-4050 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat — livehelperchat/livehelperchat 6.1 -2021-12-08
CVE-2021-43808 Blade `@parent` Exploitation Leading To Possible XSS in Laravel — framework 5.3 Medium2021-12-07
CVE-2021-43810 Cross-site Scripting (XSS) when redirect an url — admidio 8.8 High2021-12-07
CVE-2021-29116 BUG-000142180 Hosted feature services vulnerable to stored XSS — ArcGIS Server 6.1 -2021-12-07
CVE-2021-25041 Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS) — Photo Gallery by 10Web – Mobile-Friendly Image Gallery 6.1 -2021-12-06
CVE-2021-24939 LoginWP < 3.0.0.5 - Reflected Cross-Site Scripting — LoginWP (Formerly Peter's Login Redirect) 6.1 -2021-12-06
CVE-2021-24938 WooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting — WOOCS – Currency Switcher for WooCommerce. Professional and Free multi currency plugin – Pay in selected currency 5.4 -2021-12-06
CVE-2021-24935 WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting — WP Google Fonts 6.1 -2021-12-06
CVE-2021-24930 Bookly < 20.3.1 - Staff Member Stored Cross-Site Scripting — WordPress Online Booking and Scheduling Plugin – Bookly 5.4 -2021-12-06
CVE-2021-24924 Email Log < 2.4.8 - Reflected Cross-Site Scripting — Email Log 6.1 -2021-12-06
CVE-2021-24759 PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting — PDF.js Viewer 5.4 -2021-12-06
CVE-2021-24718 ARForms Form Builder < 1.5 - Admin+ Stored Cross Site Scripting — Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder 4.8 -2021-12-06
CVE-2021-24714 WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting — Import any XML or CSV File to WordPress 4.8 -2021-12-06
CVE-2021-43991 Persistent XSS via Avatar Upload in Kentico Xperience CMS — Kentico Xperience XMS 6.8 Medium2021-12-03
CVE-2015-20106 ClickBank Affiliate Ads <= 1.20 - Admin+ Stored Cross-Site Scripting — ClickBank Affiliate Ads 4.8 -2021-12-02

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.