WordPress Cookii – Free GDPR Cookie Consent Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Cookii – Free GDPR Cookie Consent Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0c0433d245b5 Credits Rafie Muhammad...

WordPress Alt Manager Plugin < 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Alt Manager Type Plugin Vulnerable versions 1.5.7 Fixed in 1.5.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d5816be5174 Credits Rafie Muhammad Patchstack Required...

WordPress Fast Index Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Fast Index Type Plugin Vulnerable versions = 1.9 Fixed in 1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1efd80ca1662 Credits Rafie Muhammad Patchstack Required...

WordPress WP REST User Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP REST User Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a086b3cb3cdc Credits Rafie Muhammad Patchstack Required...

WordPress Smart phone field for Gravity Forms Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Smart phone field for Gravity Forms Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c510b0a80922 Credits Rafie Muhammad...

WordPress Delivery & Pickup Scheduling DateTime Picker Plugin for WooCommerce - Date Time Picker Plugin for WooCommerce Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Delivery & Pickup Scheduling DateTime Picker Plugin for WooCommerce - Date Time Picker Plugin for WooCommerce Type Plugin Vulnerable versions = 1.0.11 Fixed in 1.0.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity...

WordPress Guild Raid Progression for WoW and Raider IO Plugin < 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Guild Raid Progression for WoW and Raider IO Type Plugin Vulnerable versions 1.0.3 Fixed in 1.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 44f4e0b3ae81 Credits Rafie...

WordPress Product Table for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Product Table for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 146e162f512b Credits Rafie Muhammad...

WordPress Surbma | GDPR Proof Cookie Consent & Notice Bar Plugin < 17.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Surbma | GDPR Proof Cookie Consent & Notice Bar Type Plugin Vulnerable versions 17.8.2 Fixed in 17.8.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17767534824b Credits...

WordPress Conditional Payment Methods for WooCommerce Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Conditional Payment Methods for WooCommerce Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 88cda384e297 Credits Rafi...

WordPress G Blog Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software G Blog Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6d3793144fe Credits Rafie Muhammad Patchstack Required privilege...

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin < 1.5.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Music Player for Elementor – Audio Player & Podcast Player Type Plugin Vulnerable versions 1.5.9.9 Fixed in 1.5.9.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin < 2.23.2 is vulnerable to Cross Site Scripting (XSS)

Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions 2.23.2 Fixed in 2.23.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dd5685544e...

WordPress EthPress – Web3 Login Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software EthPress – Web3 Login Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8300c2068fb2 Credits Rafie Muhammad Patchstack...

WordPress Speculor Theme <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Speculor Type Theme Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c05fae77b8c Credits Rafie Muhammad Patchstack Required privile...

WordPress Agncy Theme <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Agncy Type Theme Vulnerable versions = 1.6.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa0143071d81 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Livemesh Addons for WPBakery Page Builder Plugin < 3.3 is vulnerable to Cross Site Scripting (XSS)

Software Livemesh Addons for WPBakery Page Builder Type Plugin Vulnerable versions 3.3 Fixed in 3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 58640bfcdb02 Credits Rafie Muhamm...

WordPress WooCommerce Google Sheet Connector Plugin < 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Sheet Connector Type Plugin Vulnerable versions 1.3.5 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b09a38dc4e5c Credits Rafie Muhammad...

WordPress Restrict Plugin < 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Type Plugin Vulnerable versions 2.2.4 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8b14f609135f Credits Rafie Muhammad Patchstack Required...

WordPress Sky Login Redirect Plugin < 3.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Sky Login Redirect Type Plugin Vulnerable versions 3.7.3 Fixed in 3.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 47937b8b3a2f Credits Rafie Muhammad Patchstack...