WordPress Custom Login Page Customizer Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Custom Login Page Customizer Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 73bc975e043e Credits Rafie Muhammad...

WordPress Drip Feed Content Extended for Learndash Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Drip Feed Content Extended for Learndash Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cab77cdefc15 Credits Rafie...

WordPress Deals of the Day WooCommerce Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Deals of the Day WooCommerce Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e21f5b4f1d03 Credits Rafie Muhammad Patchsta...

WordPress Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Plugin < 1.7.6 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor Type Plugin Vulnerable versions 1.7.6 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress SKT Templates – Elementor & Gutenberg templates Plugin < 5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software SKT Templates – Elementor & Gutenberg templates Type Plugin Vulnerable versions 5.0.2 Fixed in 5.0.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a37d4fade99 Credits...

WordPress RSS feed with featured images | RSS Chimp Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software RSS feed with featured images | RSS Chimp Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a074166be2d5 Credits Rafie...

WordPress Ethereum Wallet Plugin < 4.10.6 is vulnerable to Cross Site Scripting (XSS)

Software Ethereum Wallet Type Plugin Vulnerable versions 4.10.6 Fixed in 4.10.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12d0d0ea37bd Credits Rafie Muhammad Patchstack Requir...

WordPress Quick Event Manager Plugin < 9.8.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions 9.8.5.3 Fixed in 9.8.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 5068fcdc6585 Credits Rafie Muhammad Patchstac...

WordPress Smart Variations Images & Swatches for WooCommerce Plugin < 5.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Smart Variations Images & Swatches for WooCommerce Type Plugin Vulnerable versions 5.2.8 Fixed in 5.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8c57c7b671c4 Credits...

WordPress Device Wrapper Plugin < 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Device Wrapper Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dffe70065f07 Credits Rafie Muhammad Patchstack Required...

WordPress Advanced Accordion Gutenberg Block Plugin <= 4.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Accordion Gutenberg Block Type Plugin Vulnerable versions = 4.6.0 Fixed in 4.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 944f499ae786 Credits Rafie Muhamma...

WordPress WP REST Filter Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP REST Filter Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8dfe74661dc7 Credits Rafie Muhammad Patchstack Required...

WordPress jav's – WooCommerce and Trello integration WooTrello Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)

Software jav's – WooCommerce and Trello integration WooTrello Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc6f83d83fa4...

WordPress Ultimate Infinite Scroll Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Infinite Scroll Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e939817d24d9 Credits Rafie Muhammad...

WordPress Social Gallery Lite Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Social Gallery Lite Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c93d40337c31 Credits Rafie Muhammad Patchstack Requir...

WordPress Joli CLEAR Lightbox Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Joli CLEAR Lightbox Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 81ea7793b95a Credits Rafie Muhammad Patchstack...

WordPress KPIS CTA Buttons Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software KPIS CTA Buttons Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2cbe82135686 Credits Rafie Muhammad Patchstack Require...

WordPress CF7 WOW Styler Plugin < 1.5.4 is vulnerable to Cross Site Scripting (XSS)

Software CF7 WOW Styler Type Plugin Vulnerable versions 1.5.4 Fixed in 1.5.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 838f3b70bdfc Credits Rafie Muhammad Patchstack Required privilege...

WordPress LearnMore Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software LearnMore Type Theme Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 52fd7b0da907 Credits Rafie Muhammad Patchstack Required...

WordPress BookIt Plugin < 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Software BookIt Type Plugin Vulnerable versions 2.4.0 Fixed in 2.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Liquid Web / StellarWP PSID 6ec153a6ea5e Credits Rafie Muhammad Patchstack Required...