WordPress SocialMark – Easy Watermark/Logo on Social Media Post Link Share Preview Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)

Software SocialMark – Easy Watermark/Logo on Social Media Post Link Share Preview Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

WordPress Super Video Player Plugin < 1.6.13 is vulnerable to Cross Site Scripting (XSS)

Software Super Video Player Type Plugin Vulnerable versions 1.6.13 Fixed in 1.6.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a2d8b09b91b6 Credits Rafie Muhammad Patchstack...

WordPress myCred Plugin < 2.5.3 is vulnerable to Cross Site Scripting (XSS)

Software myCred Type Plugin Vulnerable versions 2.5.3 Fixed in 2.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5c81bf5f4ce4 Credits Rafie Muhammad Patchstack Required privileg...

WordPress WooRocks Magic Content Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS)

Software WooRocks Magic Content Type Plugin Vulnerable versions = 1.0.17 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1fd587f00a62 Credits Rafie Muhammad Patchstack...

WordPress Battle Suit for Divi Plugin <= 1.17.0 is vulnerable to Cross Site Scripting (XSS)

Software Battle Suit for Divi Type Plugin Vulnerable versions = 1.17.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 008027bf67c9 Credits Rafie Muhammad Patchstack...

WordPress Coming Soon Page and Maintenance Mode for WordPress Block Editor Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Coming Soon Page and Maintenance Mode for WordPress Block Editor Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Fullworks Firewall Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Fullworks Firewall Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0a683f965888 Credits Rafie Muhammad Patchstack...

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

WordPress The best plugin for restrict content, support all Custom Post Types and Elementor – Password Protected Plugin <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)

Software The best plugin for restrict content, support all Custom Post Types and Elementor – Password Protected Type Plugin Vulnerable versions = 1.0.16 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7....

WordPress KVoucher Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software KVoucher Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ade14511d45c Credits Rafie Muhammad Patchstack Required...

WordPress Verbalize WP Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Verbalize WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21e3ff2fe6c4 Credits Rafie Muhammad Patchstack Required...

WordPress Fraud Prevention For Woocommerce Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Fraud Prevention For Woocommerce Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ea78bd17532b Credits Rafie Muhamma...

WordPress WooCommerce Customers Table: View, Search, Bulk Editor Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Customers Table: View, Search, Bulk Editor Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c243834cc4da...

WordPress Simplelender Plugin <= 1.3.23 is vulnerable to Cross Site Scripting (XSS)

Software Simplelender Type Plugin Vulnerable versions = 1.3.23 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 56ad2fad8624 Credits Rafie Muhammad Patchstack Required...

WordPress Memory Meter Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Memory Meter Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID be382e4f8eb6 Credits Rafie Muhammad Patchstack Required...

WordPress Guestofy – Restaurant Reservations Plugin, Room Planer, Reservation Form Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Guestofy – Restaurant Reservations Plugin, Room Planer, Reservation Form Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSI...

WordPress WP FOFT Loader Plugin < 2.1.29 is vulnerable to Cross Site Scripting (XSS)

Software WP FOFT Loader Type Plugin Vulnerable versions 2.1.29 Fixed in 2.1.29 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ef74a92e3a5f Credits Rafie Muhammad Patchstack Require...

WordPress New Order Notification Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software New Order Notification Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f85602c77d34 Credits Rafie Muhammad Patchstack...

WordPress Checkout with Venmo on EDD Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Checkout with Venmo on EDD Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 85fec6b4a1ab Credits Rafie Muhammad Patchstack...

WordPress Login Designer Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Login Designer Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 91d36b63e0ed Credits Rafie Muhammad Patchstack Require...