WordPress Simple Social Page Widget & Shortcode Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Social Page Widget & Shortcode Type Plugin Vulnerable versions = 1.7.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0903d51f92c2 Credits Rafie Muhamm...

WordPress Code Manager Plugin < 1.0.26 is vulnerable to Cross Site Scripting (XSS)

Software Code Manager Type Plugin Vulnerable versions 1.0.26 Fixed in 1.0.26 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 788e1414e608 Credits Rafie Muhammad Patchstack Required...

WordPress Responsive Social Slider Widget Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Social Slider Widget Type Plugin Vulnerable versions = 1.5.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3fbe3d005963 Credits Rafie Muhammad...

WordPress Ona Theme < 1.18.3 is vulnerable to Cross Site Scripting (XSS)

Software Ona Type Theme Vulnerable versions 1.18.3 Fixed in 1.18.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d8e2d709222 Credits Rafie Muhammad Patchstack Required privilege...

WordPress WordPress Editable Posts Table for the Frontend Plugin < 2.4.28 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Editable Posts Table for the Frontend Type Plugin Vulnerable versions 2.4.28 Fixed in 2.4.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7f8dbd4fe9f8 Credits...

WordPress Live Drag and Drop Builder for Contact Form 7 Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Live Drag and Drop Builder for Contact Form 7 Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f8dcf6b85301 Credits Rafi...

WordPress Yuki Theme <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)

Software Yuki Type Theme Vulnerable versions = 1.3.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 376cd5b10558 Credits Rafie Muhammad Patchstack Required privilege...

WordPress SalesZone Theme <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software SalesZone Type Theme Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ab3efd3674ec Credits Rafie Muhammad Patchstack Required...

WordPress Bootstrap Fitness Theme < 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Bootstrap Fitness Type Theme Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 151cad56de76 Credits Rafie Muhammad Patchstack Require...

WordPress Menu Image, Icons made easy Plugin < 3.10 is vulnerable to Cross Site Scripting (XSS)

Software Menu Image, Icons made easy Type Plugin Vulnerable versions 3.10 Fixed in 3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 25e0bdea54af Credits Rafie Muhammad Patchstac...

WordPress Bulk Auto Image Title Attribute (Image Title tag) optimization (Image SEO) + Woocommerce Plugin < 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Auto Image Title Attribute Image Title tag optimization Image SEO + Woocommerce Type Plugin Vulnerable versions 1.2.5 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress WP Moose Theme <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Moose Type Theme Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a3a49f50a84c Credits Rafie Muhammad Patchstack Required privile...

WordPress Travel Tour Theme < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Travel Tour Type Theme Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f08db9648ea0 Credits Rafie Muhammad Patchstack Required...

WordPress Chic Lifestyle Theme < 10.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Chic Lifestyle Type Theme Vulnerable versions 10.0.8 Fixed in 10.0.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 85d12c52391e Credits Rafie Muhammad Patchstack Required...

WordPress Blockspare Plugin < 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Blockspare Type Plugin Vulnerable versions 2.6.5 Fixed in 2.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b339e093873a Credits Rafie Muhammad Patchstack Required...

WordPress Easy Age Verify Plugin < 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Easy Age Verify Type Plugin Vulnerable versions 1.8.2 Fixed in 1.8.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 210e67e29951 Credits Rafie Muhammad Patchstack Required...

WordPress Block, Suspend, Report for BuddyPress Plugin < 3.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Block, Suspend, Report for BuddyPress Type Plugin Vulnerable versions 3.6.1 Fixed in 3.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 51632a4f1f08 Credits Rafie Muhamm...

WordPress WooCommerce Disable Payment Methods based on cart conditions Plugin < 1.16.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Disable Payment Methods based on cart conditions Type Plugin Vulnerable versions 1.16.0 Fixed in 1.16.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Magic Post Thumbnail Plugin < 4.1.13 is vulnerable to Cross Site Scripting (XSS)

Software Magic Post Thumbnail Type Plugin Vulnerable versions 4.1.13 Fixed in 4.1.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b012adb9b8a4 Credits Rafie Muhammad Patchstack...

WordPress Open User Map | Everybody can add locations Plugin < 1.3.17 is vulnerable to Cross Site Scripting (XSS)

Software Open User Map | Everybody can add locations Type Plugin Vulnerable versions 1.3.17 Fixed in 1.3.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9c1e6c504f0a Credits Rafi...