WordPress Yatri Tools Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Yatri Tools Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e7df9e0b09 Credits Rafie Muhammad Patchstack Required...

WordPress Product Image Watermark for Woo Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Product Image Watermark for Woo Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 75275bbab7e3 Credits Rafie Muhammad...

WordPress WP Google Street View (with 360° virtual tour) & Google maps + Local SEO Plugin < 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Google Street View with 360° virtual tour & Google maps + Local SEO Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress ActiveCampaign Email Preference Center Plugin < 2.0.12 is vulnerable to Cross Site Scripting (XSS)

Software ActiveCampaign Email Preference Center Type Plugin Vulnerable versions 2.0.12 Fixed in 2.0.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ae883cf0c33 Credits Rafie...

WordPress Superfast Mailgun for the Newsletter plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Superfast Mailgun for the Newsletter plugin Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05f4a612540e Credits Rafie...

WordPress Dreamfox Media Payment gateway per Product for Woocommerce Plugin < 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Dreamfox Media Payment gateway per Product for Woocommerce Type Plugin Vulnerable versions 3.2.7 Fixed in 3.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f228b3d2c1e8...

WordPress Salt Shaker Plugin < 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Salt Shaker Type Plugin Vulnerable versions 1.4.2 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1572d197983 Credits Rafie Muhammad Patchstack Required...

WordPress Bulk Edit Posts and Products in Spreadsheet Plugin < 2.25.4 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Edit Posts and Products in Spreadsheet Type Plugin Vulnerable versions 2.25.4 Fixed in 2.25.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a91970ca500 Credits Rafi...

WordPress Cryptocurrency Product for WooCommerce Plugin < 3.16.10 is vulnerable to Cross Site Scripting (XSS)

Software Cryptocurrency Product for WooCommerce Type Plugin Vulnerable versions 3.16.10 Fixed in 3.16.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 10effe065692 Credits Rafie...

WordPress Easy Zillow Reviews Plugin < 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Easy Zillow Reviews Type Plugin Vulnerable versions 1.6.2 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f45d71ee4e7 Credits Rafie Muhammad Patchstack...

WordPress Glossary Plugin < 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Glossary Type Plugin Vulnerable versions 2.2.4 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ec7d0be9f6b5 Credits Rafie Muhammad Patchstack Required...

WordPress Giveaways for woocommerce Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Giveaways for woocommerce Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a91a3036ab7d Credits Rafie Muhammad Patchstac...

WordPress Goal Tracker - Custom Event Tracking for GA4 Plugin < 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Goal Tracker - Custom Event Tracking for GA4 Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e97011f95aa7 Credits Raf...

WordPress Content Slider for WP Posts (Section Slider) Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)

Software Content Slider for WP Posts Section Slider Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9e0ed6db33b1 Credits Rafie...

WordPress Finpose – Accounting and Financial Tracking Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Finpose – Accounting and Financial Tracking Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b756a68c076a Credits Rafie...

WordPress Alley Business Toolkit Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Alley Business Toolkit Type Plugin Vulnerable versions = 2.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f03c4c803b7a Credits Rafie Muhammad Patchstack...

WordPress Shortcodes Ultimate Plugin <= 5.13.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.0 Fixed in 5.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 568e2ac38f7b Credits Rafie Muhammad Patchstack...

WordPress StreamCast Plugin < 2.1.9 is vulnerable to Cross Site Scripting (XSS)

Software StreamCast Type Plugin Vulnerable versions 2.1.9 Fixed in 2.1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 86ec05693cb6 Credits Rafie Muhammad Patchstack Required...

WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Permalink Manager for WooCommerce Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 3d9ba08b3dfc Credits Rafie...

WordPress Prime Slider – Addons For Elementor Plugin <= 3.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Prime Slider – Addons For Elementor Type Plugin Vulnerable versions = 3.8.2 Fixed in 3.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bfb3b0b97bd0 Credits Rafie Muhamm...