Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21530

21530 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-25080 Contact Form Entries < 1.1.7 - Unauthenticated Stored Cross-Site Scripting — Contact Form Entries – Contact Form 7, WPforms and more 6.1 -2022-01-24
CVE-2021-25079 Contact Form Entries < 1.2.4 - Reflected Cross-Site Scripting — Contact Form Entries – Contact Form 7, WPforms and more 6.1 -2022-01-24
CVE-2021-25078 Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting — Affiliates Manager 6.1 -2022-01-24
CVE-2021-25062 Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site Scripting — Orders Tracking for WooCommerce 6.1 -2022-01-24
CVE-2021-25049 Mobile Events Manager < 1.4.4 - Admin+ Stored Cross-Site Scripting — Mobile Events Manager 4.8 -2022-01-24
CVE-2021-25035 Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting — Backup and Staging by WP Time Capsule 6.1 -2022-01-24
CVE-2021-25031 Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting — Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) 6.1 -2022-01-24
CVE-2021-25017 Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting — Tutor LMS – eLearning and online course solution 6.1 -2022-01-24
CVE-2021-25015 myCred < 2.4 - Reflected Cross-Site Scripting — myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin 6.1 -2022-01-24
CVE-2021-25008 Code Snippets < 2.14.3 - Reflected Cross-Site Scripting — Code Snippets 6.1 -2022-01-24
CVE-2021-24985 Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting — Easy Forms for Mailchimp 6.1 -2022-01-24
CVE-2021-24976 Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting — Smart SEO Tool – SEO优化插件 6.1 -2022-01-24
CVE-2021-24974 Product Feed PRO for WooCommerce < 11.0.7 - Subscriber+ Settings Update to Stored XSS — Product Feed PRO for WooCommerce 5.4 -2022-01-24
CVE-2021-24965 Five Star Restaurant Reservations < 2.4.8 - Subscriber+ Stored Cross-Site Scripting — Five Star Restaurant Reservations – WordPress Booking Plugin 5.4 -2022-01-24
CVE-2021-24923 Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS — Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue 6.1 -2022-01-24
CVE-2021-24694 Simple Download Monitor < 3.9.11 - Contributor+ Stored Cross-Site Scripting via Shortcodes — Simple Download Monitor 5.4 -2022-01-24
CVE-2021-24423 UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting — UpdraftPlus WordPress Backup Plugin 4.8 -2022-01-24
CVE-2021-4103 Cross-site Scripting (XSS) - Stored in vanessa219/vditor — vanessa219/vditor 5.4 -2022-01-23
CVE-2021-4172 Cross-site Scripting (XSS) - Stored in star7th/showdoc — star7th/showdoc 5.4 -2022-01-22
CVE-2021-33848 Fresenius Kabi Agilia Connect Infusion System cross site scripting — Vigilant Software Suite (Mastermed Dashboard) 5.4 Medium2022-01-21
CVE-2022-0285 Cross-site Scripting (XSS) - Stored in pimcore/pimcore — pimcore/pimcore 5.4 -2022-01-20
CVE-2022-0282 Cross-site Scripting in microweber/microweber — microweber/microweber 4.3 Medium2022-01-20
CVE-2021-3866 Cross-site Scripting (XSS) - Stored in zulip/zulip — zulip/zulip 5.4 -2022-01-20
CVE-2022-0278 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweber 5.4 -2022-01-20
CVE-2021-4143 Cross-site Scripting (XSS) - Generic in bigbluebutton/bigbluebutton — bigbluebutton/bigbluebutton 6.1 -2022-01-19
CVE-2021-26247 Cacti 跨站脚本漏洞 — Cacti 6.1 -2022-01-19
CVE-2021-23225 Cacti 跨站脚本漏洞 — Cacti 5.4 -2022-01-19
CVE-2021-3816 Cacti 跨站脚本漏洞 — Cacti 5.4 -2022-01-19
CVE-2022-0243 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcore 5.4 -2022-01-19
CVE-2022-0274 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcore 5.4 -2022-01-19

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21530 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.