CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21527

21527 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24850	Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting — Insert Pages	5.4	-	2021-11-17
CVE-2021-24841	Helpful < 4.4.59 - Admin+ Stored Cross-Site Scripting — Helpful	4.8	-	2021-11-17
CVE-2021-24834	YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Options Module — YOP Poll	5.4	-	2021-11-17
CVE-2021-24833	YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Preview Module — YOP Poll	5.4	-	2021-11-17
CVE-2021-24815	Paypal Donation < 1.3.2 - Admin+ Stored Cross-Site Scripting — Accept Donations with PayPal	4.8	-	2021-11-17
CVE-2021-24796	My Tickets < 1.8.31 - Unauthenticated Stored Cross-Site Scripting — My Tickets	6.1	-	2021-11-17
CVE-2021-24787	Client Invoicing by Sprout Invoices < 19.9.7 - Admin+ Stored Cross-Site Scripting — Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress	4.8	-	2021-11-17
CVE-2021-24598	Testimonial Builder < 1.6.0 - Admin+ Stored Cross-Site Scripting — Testimonial	4.8	-	2021-11-17
CVE-2021-41164	Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML — ckeditor4	8.2	High	2021-11-17
CVE-2021-41258	Cross-site scripting (XSS) from image block content in the site frontend — kirby	7.3	High	2021-11-16
CVE-2021-41252	Cross-site scripting (XSS) from writer field content in the site frontend — kirby	7.3	High	2021-11-16
CVE-2021-25984	FactorJS - Stored Cross-Site Scripting (XSS) in Post Reply Functionality — Factor	6.1	Medium	2021-11-16
CVE-2021-25983	FactorJS - Reflected Cross-Site Scripting (XSS) in Tags and Categories Functionality — Factor	6.1	Medium	2021-11-16
CVE-2021-25982	FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality — Factor	6.1	Medium	2021-11-16
CVE-2021-42703	AzeoTech DAQFactory — HMI Designer	5.4	Medium	2021-11-15
CVE-2021-42838	Grand Vice info Co. webopac7 - Reflected XSS — webopac7	6.1	Medium	2021-11-15
CVE-2021-3938	Cross-site Scripting (XSS) - Generic in snipe/snipe-it — snipe/snipe-it	5.4	-	2021-11-13
CVE-2021-3945	Cross-site Scripting (XSS) - Stored in django-helpdesk/django-helpdesk — django-helpdesk/django-helpdesk	6.1	-	2021-11-13
CVE-2021-34357	Reflected XSS Vulnerability in QmailAgent — QmailAgent	6.9	Medium	2021-11-13
CVE-2021-34582	Phoenix Contact: FL MGUARD XSS through web-based management and REST API — FL MGUARD	4.8	Medium	2021-11-10
CVE-2021-25975	Publify - Stored Cross-Site Scripting (XSS) due to Unrestricted File Upload — publify_core	5.4	Medium	2021-11-10
CVE-2021-25974	Publify - Stored Cross-Site Scripting (XSS) in Editor — publify_core	5.4	Medium	2021-11-10
CVE-2021-24807	Support Board < 3.3.5 - Agent+ Stored Cross-Site Scripting — Support Board	5.4	-	2021-11-08
CVE-2021-24798	WP Header Images < 2.0.1 - Reflected Cross-Site Scripting — WP Header Images	6.1	-	2021-11-08
CVE-2021-24710	Print-O-Matic < 2.0.3 - Admin+ Stored Cross-Site Scripting — Print-O-Matic	4.8	-	2021-11-08
CVE-2021-24708	WP All Export < 1.3.1 - Admin+ Stored Cross-Site Scripting — Export any WordPress data to XML/CSV	4.8	-	2021-11-08
CVE-2021-24706	Qwizcards < 3.62 - Admin+ Stored Cross Site Scripting — Qwizcards – online quizzes and flashcards	4.8	-	2021-11-08
CVE-2021-24701	Quiz Tool Lite <= 2.3.15 - Multiple Admin+ Stored Cross-Site Scripting — Quiz Tool Lite	4.8	-	2021-11-08
CVE-2021-24697	Simple Download Monitor < 3.9.5 - Reflected Cross-Site Scripting — Simple Download Monitor	6.1	-	2021-11-08
CVE-2021-24693	Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail — Simple Download Monitor	7.6	-	2021-11-08

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21527