WordPress SLP – Extended Data Manager Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extended Data Manager Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d2e98c75731 Credits Rafie Muhammad...

WordPress Ted – WordPress Text Editor Plugin Plugin <= 0.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Ted – WordPress Text Editor Plugin Type Plugin Vulnerable versions = 0.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 263721f4318b Credits Rafie Muhammad...

WordPress Product Layouts for Woocommerce ( Product Gallery, Product Showcase, Layout Design, Category Tabs, Product Slider, Product Grid, Product Table ) Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Product Layouts for Woocommerce Product Gallery, Product Showcase, Layout Design, Category Tabs, Product Slider, Product Grid, Product Table Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch...

WordPress STARTEND Subscription Add-On for GravityForms Plugin <= 4.0.3 is vulnerable to Cross Site Scripting (XSS)

Software STARTEND Subscription Add-On for GravityForms Type Plugin Vulnerable versions = 4.0.3 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc9e3b41e070 Credits...

WordPress FloPress Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software FloPress Type Plugin Vulnerable versions = 1.4.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 98bc1cb18f05 Credits Rafie Muhammad Patchstack Required...

WordPress CodePile Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software CodePile Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05b4c2ea2bb9 Credits Rafie Muhammad Patchstack Required...

WordPress Out of stock display for woocommerce Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Out of stock display for woocommerce Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c805e11af12f Credits Rafie Muhammad...

WordPress Cart Weight for WooCommerce Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Cart Weight for WooCommerce Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 697cc226182a Credits Rafie Muhammad...

WordPress Shipping Method Display Style for WooCommerce Plugin <= 3.7.6 is vulnerable to Cross Site Scripting (XSS)

Software Shipping Method Display Style for WooCommerce Type Plugin Vulnerable versions = 3.7.6 Fixed in 3.7.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ec792f38abe Credits...

WordPress BBP Core - Expand bbPress powered forums with useful features Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software BBP Core - Expand bbPress powered forums with useful features Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Page Manager for Elementor Plugin <= 2.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Page Manager for Elementor Type Plugin Vulnerable versions = 2.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9cdb3c256dd Credits Rafie Muhammad Patchsta...

WordPress Multipurpose Gutenberg Block Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software Multipurpose Gutenberg Block Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 814ea97caffb Credits Rafie Muhammad...

WordPress Woo Admin Product Notes Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Woo Admin Product Notes Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c264a5cbee2 Credits Rafie Muhammad Patchstack...

WordPress Template Manager for Gutenberg Block Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Template Manager for Gutenberg Block Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 011e9bd91ed5 Credits Rafie Muhamma...

WordPress Embed Tik Tok Video Feed (Tiktok feed) for WordPress Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Embed Tik Tok Video Feed Tiktok feed for WordPress Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c927ede470a Credits...

WordPress SV Gravity Forms Enhancer Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV Gravity Forms Enhancer Type Plugin Vulnerable versions = 1.9.00 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28ef228ef004 Credits Rafie Muhammad Patchsta...

WordPress Iks Menu – WordPress Category Accordion Menu Plugin < 1.11.2 is vulnerable to Cross Site Scripting (XSS)

Software Iks Menu – WordPress Category Accordion Menu Type Plugin Vulnerable versions 1.11.2 Fixed in 1.11.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 241c584c7b9d Credits Raf...

WordPress FeedbackScout: The easiest way to collect, prioritise, manage and track customer feedback. Plugin <= 1.9.3 is vulnerable to Cross Site Scripting (XSS)

Software FeedbackScout: The easiest way to collect, prioritise, manage and track customer feedback. Type Plugin Vulnerable versions = 1.9.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer...

WordPress Ninja Popups Plugin <= 4.7.7 is vulnerable to Open Redirection

Software Ninja Popups Type Plugin Vulnerable versions = 4.7.7 Fixed in 4.7.8 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2022-27861 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 5f5341c2db31 Credits Dave Jong Patchstack Required privilege...

WordPress NicheBase Theme < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software NicheBase Type Theme Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 32512bd4c4db Credits Rafie Muhammad Patchstack Required...