Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21529

21529 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-36823 WordPress Absolutely Glamorous Custom Admin plugin <= 6.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) 6.6 Medium2021-09-23
CVE-2021-36873 WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — iQ Block Country 5.5 Medium2021-09-23
CVE-2021-36872 WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability — WordPress Popular Posts 5.5 Medium2021-09-23
CVE-2021-22948 revive-adserver 安全特征问题漏洞 — https://github.com/revive-adserver/revive-adserver 9.1 -2021-09-23
CVE-2021-37860 Mattermost 跨站脚本漏洞 — Mattermost 3.7 Low2021-09-22
CVE-2021-41086 Clipboard-based XSS in jsuites — jsuites 8.7 High2021-09-21
CVE-2021-34650 eID Easy <= 4.6 Reflected Cross-Site Scripting — eID Easy 5.4 Medium2021-09-20
CVE-2021-39325 OptinMonster <= 2.6.0 Reflected Cross-Site Scripting — OptinMonster 6.1 Medium2021-09-20
CVE-2021-24657 Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login Attempts 6.1 -2021-09-20
CVE-2021-24640 Gutenslider < 5.2.0 - Contributor+ Stored XSS — WordPress Slider Block Gutenslider 5.4 -2021-09-20
CVE-2021-24637 Fonts Plugin < 3.0.3 - Contributor+ Stored Cross-Site Scripting — Fonts Plugin | Google Fonts Typography 5.4 -2021-09-20
CVE-2021-24618 Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCode 5.4 -2021-09-20
CVE-2021-24613 Post Views Counter < 1.3.5 - Authenticated Stored XSS — Post Views Counter 4.8 -2021-09-20
CVE-2021-24609 WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS — WP Mapa Politico España 4.8 -2021-09-20
CVE-2021-24604 Availability Calendar < 1.2.2 - Authenticated Stored Cross-Site Scripting — Availability Calendar 4.8 -2021-09-20
CVE-2021-24600 WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting — WP Dialog 4.8 -2021-09-20
CVE-2021-24597 You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting — 有赏 You Shang 5.4 -2021-09-20
CVE-2021-24596 youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site Scripting — youForms for WordPress – Creating Forms for CopeCart 4.8 -2021-09-20
CVE-2021-24587 Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS) — Splash Header 5.4 -2021-09-20
CVE-2021-24582 ThinkTwit < 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS) — ThinkTwit 5.4 -2021-09-20
CVE-2021-24530 Alojapro Widget <= 1.1.15 - Authenticated Stored Cross-Site Scripting (XSS) — Alojapro Widget 4.8 -2021-09-20
CVE-2021-24525 Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS — WordPress Shortcodes Plugin — Shortcodes Ultimate 5.4 -2021-09-20
CVE-2021-3812 Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte — pi-hole/adminlte 6.1 -2021-09-17
CVE-2021-3811 Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte — pi-hole/adminlte 6.1 -2021-09-17
CVE-2021-33694 SAP ERP 跨站脚本漏洞 — SAP Cloud Connector 4.8 -2021-09-15
CVE-2021-39205 DOM-based XSS/Content Spoofing via Prototype Pollution — jitsi-meet 6.8 Medium2021-09-15
CVE-2021-3785 Cross-site Scripting (XSS) - Stored in yourls/yourls — yourls/yourls 6.1 -2021-09-15
CVE-2021-3783 Cross-site Scripting (XSS) - Reflected in yourls/yourls — yourls/yourls 6.1 -2021-09-15
CVE-2021-3780 Cross-site Scripting (XSS) - Stored in chocobozzz/peertube — chocobozzz/peertube 6.1 -2021-09-15
CVE-2021-23027 F5 BIG-IP 跨站脚本漏洞 — BIG-IP 9.6 -2021-09-14

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21529 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.