CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21523

21523 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-34650	eID Easy <= 4.6 Reflected Cross-Site Scripting — eID Easy	5.4	Medium	2021-09-20
CVE-2021-39325	OptinMonster <= 2.6.0 Reflected Cross-Site Scripting — OptinMonster	6.1	Medium	2021-09-20
CVE-2021-24657	Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login Attempts	6.1	-	2021-09-20
CVE-2021-24640	Gutenslider < 5.2.0 - Contributor+ Stored XSS — WordPress Slider Block Gutenslider	5.4	-	2021-09-20
CVE-2021-24637	Fonts Plugin < 3.0.3 - Contributor+ Stored Cross-Site Scripting — Fonts Plugin \| Google Fonts Typography	5.4	-	2021-09-20
CVE-2021-24618	Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCode	5.4	-	2021-09-20
CVE-2021-24613	Post Views Counter < 1.3.5 - Authenticated Stored XSS — Post Views Counter	4.8	-	2021-09-20
CVE-2021-24609	WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS — WP Mapa Politico España	4.8	-	2021-09-20
CVE-2021-24604	Availability Calendar < 1.2.2 - Authenticated Stored Cross-Site Scripting — Availability Calendar	4.8	-	2021-09-20
CVE-2021-24600	WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting — WP Dialog	4.8	-	2021-09-20
CVE-2021-24597	You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting — 有赏 You Shang	5.4	-	2021-09-20
CVE-2021-24596	youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site Scripting — youForms for WordPress – Creating Forms for CopeCart	4.8	-	2021-09-20
CVE-2021-24587	Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS) — Splash Header	5.4	-	2021-09-20
CVE-2021-24582	ThinkTwit < 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS) — ThinkTwit	5.4	-	2021-09-20
CVE-2021-24530	Alojapro Widget <= 1.1.15 - Authenticated Stored Cross-Site Scripting (XSS) — Alojapro Widget	4.8	-	2021-09-20
CVE-2021-24525	Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS — WordPress Shortcodes Plugin — Shortcodes Ultimate	5.4	-	2021-09-20
CVE-2021-3812	Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte — pi-hole/adminlte	6.1	-	2021-09-17
CVE-2021-3811	Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte — pi-hole/adminlte	6.1	-	2021-09-17
CVE-2021-33694	SAP ERP 跨站脚本漏洞 — SAP Cloud Connector	4.8	-	2021-09-15
CVE-2021-39205	DOM-based XSS/Content Spoofing via Prototype Pollution — jitsi-meet	6.8	Medium	2021-09-15
CVE-2021-3785	Cross-site Scripting (XSS) - Stored in yourls/yourls — yourls/yourls	6.1	-	2021-09-15
CVE-2021-3783	Cross-site Scripting (XSS) - Reflected in yourls/yourls — yourls/yourls	6.1	-	2021-09-15
CVE-2021-3780	Cross-site Scripting (XSS) - Stored in chocobozzz/peertube — chocobozzz/peertube	6.1	-	2021-09-15
CVE-2021-23027	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	9.6	-	2021-09-14
CVE-2021-23037	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	9.6	-	2021-09-14
CVE-2021-23038	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	8.9	-	2021-09-14
CVE-2021-23041	F5 BIG-IP 跨站脚本漏洞 — BIG-IP	9.3	-	2021-09-14
CVE-2021-24724	Timetable and Event Schedule by MotoPress < 2.3.19 - Author+ Stored Cross-Site Scripting — Timetable and Event Schedule by MotoPress	5.4	-	2021-09-13
CVE-2021-24623	WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS) — WordPress Advanced Ticket System, Elite Support Helpdesk	4.8	-	2021-09-13
CVE-2021-24621	WP Courses LMS < 2.0.44 - Authenticated Stored XSS via Video Embed Code — WP Courses LMS	6.9	-	2021-09-13

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21523 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21523