WordPress Passster – Password Protection Plugin < 4.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Passster – Password Protection Type Plugin Vulnerable versions 4.2.2 Fixed in 4.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID 8b97c2c68b65 Credits Rafie Muhammad...

WordPress SEO Content Randomizer Plugin < 3.28.1 is vulnerable to Cross Site Scripting (XSS)

Software SEO Content Randomizer Type Plugin Vulnerable versions 3.28.1 Fixed in 3.28.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f3735b8f77bc Credits Rafie Muhammad Patchstack...

WordPress VidSEO | WordPress Video SEO embedder with transcripts (Youtube & Vimeo) Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software VidSEO | WordPress Video SEO embedder with transcripts Youtube & Vimeo Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Integrate Google Drive Plugin < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Integrate Google Drive Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5711b66138ac Credits Rafie Muhammad Patchstack...

WordPress Restrict Posts based on Conditions – Conditional Post Restrictions Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Posts based on Conditions – Conditional Post Restrictions Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Display Eventbrite Events Plugin < 5.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Display Eventbrite Events Type Plugin Vulnerable versions 5.3.3 Fixed in 5.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID b65580fd09a1 Credits Rafie Muhammad...

WordPress Mapster WP Maps Plugin < 1.2.36 is vulnerable to Cross Site Scripting (XSS)

Software Mapster WP Maps Type Plugin Vulnerable versions 1.2.36 Fixed in 1.2.36 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42d3f06779ba Credits Rafie Muhammad Patchstack Requir...

WordPress Кнопка Яндекс Денег Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Кнопка Яндекс Денег Type Plugin Vulnerable versions = 2.4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5ecb1fd65545 Credits Rafie Muhammad Patchstack...

WordPress Easy Order View Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Order View Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 06032b452cdb Credits Rafie Muhammad Patchstack Required...

WordPress Turbo Widgets Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Turbo Widgets Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 87b08b4531c7 Credits Rafie Muhammad Patchstack Required...

WordPress HM Multiple Roles Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)

Software HM Multiple Roles Type Plugin Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7297b541283e Credits Rafie Muhammad Patchstack Required...

WordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Giveaways Type Plugin Vulnerable versions = 2.46.0 Fixed in 2.46.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0ce7fb5f5ef Credits Rafie Muhammad Patchstack...

WordPress WP Sales Pitch Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Sales Pitch Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 694772f4acd2 Credits Rafie Muhammad Patchstack Required...

WordPress Unlimited Theme Addon For Elementor and WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Unlimited Theme Addon For Elementor and WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d5498e5f5ec...

WordPress Cool Author Box - For Widget and Post Content Plugin <= 2.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Cool Author Box - For Widget and Post Content Type Plugin Vulnerable versions = 2.9.5 Fixed in 2.9.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 965a0456c07b Credits...

WordPress WP Custom field for Gutenberg Editor Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Custom field for Gutenberg Editor Type Plugin Vulnerable versions = 1.7.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7594c076aa0a Credits Rafie Muhamma...

WordPress Freshing Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Freshing Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21faf439d0ae Credits Rafie Muhammad Patchstack Required...

WordPress GFireM Fields Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software GFireM Fields Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7b9137f7b7a5 Credits Rafie Muhammad Patchstack Required...

WordPress Add Twitter Pixel for Twitter ads Plugin < 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Add Twitter Pixel for Twitter ads Type Plugin Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c2595926ce4e Credits Rafie Muhammad...

WordPress Contact Form 7 – Capsule CRM – Integration Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 – Capsule CRM – Integration Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c0e0fb288c2a Credits Rafie...