WordPress EthereumICO Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software EthereumICO Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 90b8bd0e67cf Credits Rafie Muhammad Patchstack Required...

WordPress WordPress Form Builder Plugin – Gutenberg Forms Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Form Builder Plugin – Gutenberg Forms Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 994f2f3ecc26 Credits Rafi...

WordPress Elementor Addon Elements Plugin <= 1.11.16 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.11.16 Fixed in 1.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPVibes PSID 41872ea94dbe Credits Rafie Muhammad Patchstack Required...

WordPress RSS Control Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software RSS Control Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ab1aa164e48c Credits Rafie Muhammad Patchstack Required...

WordPress CF7 ReCaptcha Mine Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software CF7 ReCaptcha Mine Type Plugin Vulnerable versions = 1.0.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 98006570d580 Credits Rafie Muhammad Patchstack Require...

WordPress WN Flipbox Pro Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software WN Flipbox Pro Type Plugin Vulnerable versions = 1.15 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ef85e7e1358f Credits Rafie Muhammad Patchstack Required...

WordPress WP Cloud Server Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Cloud Server Type Plugin Vulnerable versions = 1.3.0 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8cdd8c408320 Credits Rafie Muhammad Patchstack Required...

WordPress eRoom – Zoom Meetings & Webinar Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)

Software eRoom – Zoom Meetings & Webinar Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b1f873edfbfb Credits Rafie Muhammad...

WordPress Advanced Custom Fields Frontend Forms Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields Frontend Forms Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID e7bf47e904be Credits Rafie Muhammad...

WordPress 360 Javascript Viewer Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software 360 Javascript Viewer Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 954a4a07facd Credits Rafie Muhammad Patchstack...

WordPress WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownersh...

WordPress Gallery Blocks with Lightbox Plugin <= 3.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Gallery Blocks with Lightbox Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d7974f5d5d32 Credits Rafie Muhammad Patchsta...

WordPress WPEventPartners Demo Import Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WPEventPartners Demo Import Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a8b8e9b1e719 Credits Rafie Muhammad Patchstac...

WordPress Terms & Conditions Per Product Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Terms & Conditions Per Product Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9198dad42c20 Credits Rafie Muhammad...

WordPress DeMomentSomTres Subscribe Plugin <= 3.201706150908 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres Subscribe Type Plugin Vulnerable versions = 3.201706150908 Fixed in 3.201903272301 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c4ea936848b0 Credits Rafie...

WordPress Woocommerce Delivery Date Premium Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Delivery Date Premium Type Plugin Vulnerable versions = 2.1.3 Fixed in 2.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c26f3fc67ca0 Credits Rafie Muhammad...

WordPress Greenshift – animation and page builder blocks Plugin <= 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Greenshift – animation and page builder blocks Type Plugin Vulnerable versions = 2.8.4 Fixed in 4.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 468204672d41 Credits Rafie...

WordPress Checkbox Plugin <= 0.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Checkbox Type Plugin Vulnerable versions = 0.8.3 Fixed in 0.8.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 36822a9c98e8 Credits Rafie Muhammad Patchstack Required privileg...

WordPress Go Fetch Jobs (for WP Job Manager) Plugin <= 1.8.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Go Fetch Jobs for WP Job Manager Type Plugin Vulnerable versions = 1.8.2.2 Fixed in 1.8.4.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4f78961ea025 Credits Rafie Muhammad...

WordPress FormsCRM Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS)

Software FormsCRM Type Plugin Vulnerable versions = 3.5.1 Fixed in 3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bf6f153f12ef Credits Rafie Muhammad Patchstack Required privilege...