WordPress Easy Social Feed Plugin < 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Easy Social Feed Type Plugin Vulnerable versions 6.5.1 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5526157708e Credits Rafie Muhammad Patchstack Require...

WordPress WPCake Theme <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software WPCake Type Theme Vulnerable versions = 1.2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 68407b28531f Credits Rafie Muhammad Patchstack Required privilege...

WordPress Inavii for Elementor Social Feed Plugin < 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Inavii for Elementor Social Feed Type Plugin Vulnerable versions 2.1.3 Fixed in 2.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9e06abac0d5b Credits Rafie Muhammad...

WordPress Advanced Custom Fields options import/export Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields options import/export Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4db49edd1f34 Credits Rafie...

WordPress Roven Blog Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Roven Blog Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f92c1f62e673 Credits Rafie Muhammad Patchstack Required...

WordPress Material Design for Contact Form 7 Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Material Design for Contact Form 7 Type Plugin Vulnerable versions = 2.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dee6925b46 Credits Rafie Muhammad...

WordPress Reset Course Progress For LearnDash Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Reset Course Progress For LearnDash Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a19631e39834 Credits Rafie Muhammad...

WordPress Advanced Form Integration Plugin < 1.69.1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Form Integration Type Plugin Vulnerable versions 1.69.1 Fixed in 1.69.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9cd0d3cccb3 Credits Rafie Muhammad...

WordPress PixiGo Theme <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)

Software PixiGo Type Theme Vulnerable versions = 1.0.16 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1dff6c0bf87 Credits Rafie Muhammad Patchstack Required privileg...

WordPress Remove Add to Cart Button for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Remove Add to Cart Button for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e8228bf4c98a Credits Rafie...

WordPress Alt Manager Plugin < 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Alt Manager Type Plugin Vulnerable versions 1.5.7 Fixed in 1.5.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d5816be5174 Credits Rafie Muhammad Patchstack Required...

WordPress Smart phone field for Gravity Forms Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Smart phone field for Gravity Forms Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c510b0a80922 Credits Rafie Muhammad...

WordPress EthPress – Web3 Login Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software EthPress – Web3 Login Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8300c2068fb2 Credits Rafie Muhammad Patchstack...

WordPress BAVOKO SEO Tools – All-in-One WordPress SEO Plugin <= 2.1.9.12 is vulnerable to Cross Site Scripting (XSS)

Software BAVOKO SEO Tools – All-in-One WordPress SEO Type Plugin Vulnerable versions = 2.1.9.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc4738883f56 Credits Raf...

WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...

WordPress WooCommerce Google Sheet Connector Plugin < 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Sheet Connector Type Plugin Vulnerable versions 1.3.5 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b09a38dc4e5c Credits Rafie Muhammad...

WordPress WCC SEO Keyword Research Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WCC SEO Keyword Research Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9e296dd4139 Credits Rafie Muhammad Patchstack...

WordPress BlogSafe Scanner Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software BlogSafe Scanner Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e47a3b031425 Credits Rafie Muhammad Patchstack Require...

WordPress Human Resource Management (HRM) for WordPress – FooPeople Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Human Resource Management HRM for WordPress – FooPeople Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6943e73986ad...

WordPress WP Event Partners – WordPress Plugin for Event and Conference Management Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Event Partners – WordPress Plugin for Event and Conference Management Type Plugin Vulnerable versions = 1.2.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSI...