WordPress Automatic YouTube Gallery Plugin < 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Automatic YouTube Gallery Type Plugin Vulnerable versions 2.3.3 Fixed in 2.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed4d7f0ef45b Credits Rafie Muhammad Patchstac...

WordPress Flight Search Widget and Blocks Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Flight Search Widget and Blocks Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 492a34dd0ab4 Credits Rafie Muhammad...

WordPress WP Simple Maintenance & Under Construction Mode Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Simple Maintenance & Under Construction Mode Type Plugin Vulnerable versions = 1.5.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ae5ab24add7b Credits...

WordPress Date Picker by Input WP – Sync bookings with external Calendars (.ics) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Date Picker by Input WP – Sync bookings with external Calendars .ics Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Product Table for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Product Table for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 146e162f512b Credits Rafie Muhammad...

WordPress Live TV Player – Worldwide Live TV Channels Player for WordPress Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Live TV Player – Worldwide Live TV Channels Player for WordPress Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress LMS Plugin – eLearning, Online Courses by Attest Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Software LMS Plugin – eLearning, Online Courses by Attest Type Plugin Vulnerable versions = 1.7.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3780cc3e494d Credits...

WordPress Free SSL Certificate Plugin, HTTPS Redirect, Renewal Reminder – Auto-Install Free SSL Plugin < 3.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Free SSL Certificate Plugin, HTTPS Redirect, Renewal Reminder – Auto-Install Free SSL Type Plugin Vulnerable versions 3.6.0 Fixed in 3.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Clai...

WordPress G Blog Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software G Blog Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6d3793144fe Credits Rafie Muhammad Patchstack Required privilege...

WordPress StreamWeasels Twitch Integration Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels Twitch Integration Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 71e06e3c812c Credits Rafie Muhammad...

WordPress Before and After Product Images for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Before and After Product Images for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 667bb1121fd9 Credits...

WordPress WP REST User Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP REST User Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a086b3cb3cdc Credits Rafie Muhammad Patchstack Required...

WordPress Cuisine Palace Theme <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Cuisine Palace Type Theme Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 37c5a3d00c1a Credits Rafie Muhammad Patchstack Required...

WordPress Import Social Statistics Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Social Statistics Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 847bf2e0ca26 Credits Rafie Muhammad Patchstack...

WordPress Document Viewer for Office Plugin < 2.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Document Viewer for Office Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d9616ec54053 Credits Rafie Muhammad Patchsta...

WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin < 2.23.2 is vulnerable to Cross Site Scripting (XSS)

Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions 2.23.2 Fixed in 2.23.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 99dd5685544e...

WordPress Sky Login Redirect Plugin < 3.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Sky Login Redirect Type Plugin Vulnerable versions 3.7.3 Fixed in 3.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 47937b8b3a2f Credits Rafie Muhammad Patchstack...

WordPress Dynamic Pricing for WooCommerce Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Dynamic Pricing for WooCommerce Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ce0b562a9dd7 Credits Rafie Muhammad...

WordPress Slider Addons for The Events Calendar Plugin <= 5.6 is vulnerable to Cross Site Scripting (XSS)

Software Slider Addons for The Events Calendar Type Plugin Vulnerable versions = 5.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d83dcd3934a0 Credits Rafie Muhammad...

WordPress Advance Menu Manager Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Advance Menu Manager Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 720e04a5ed64 Credits Rafie Muhammad Patchstack...