WordPress HuCommerce | Magyar WooCommerce kieg鳺?ek Plugin <= 30.3.0 is vulnerable to Cross Site Scripting (XSS)

Software HuCommerce | Magyar WooCommerce kieg鳺?ek Type Plugin Vulnerable versions = 30.3.0 Fixed in 2022.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1c58fd50ae68 Credits Rafie...

WordPress Post List With Featured Image Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Post List With Featured Image Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37997 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4b187eb850b5 Credits LEE S...

WordPress Contact Form By Mega Forms – Drag and Drop Form Builder Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form By Mega Forms – Drag and Drop Form Builder Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 5d66bb9d8b9f...

WordPress Woocommerce Delivery Date Premium Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Delivery Date Premium Type Plugin Vulnerable versions = 2.1.3 Fixed in 2.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID c26f3fc67ca0 Credits Rafie Muhammad...

WordPress DeMomentSomTres WordPress Export Posts With Images Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres WordPress Export Posts With Images Type Plugin Vulnerable versions = 2.5 Fixed in 20200610 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 568a0722ed5e Credits...

WordPress WordPress Auto SEO Plugin – Upfiv SEO Wizard Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Auto SEO Plugin – Upfiv SEO Wizard Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2a56c1fca648 Credits Rafie...

WordPress WordPress Team Members – GS Plugins Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Team Members – GS Plugins Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 741ebe0ad0f9 Credits Rafie Muhammad...

WordPress Stellar Places Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Stellar Places Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 7cb29a8636b0 Credits Rafie Muhammad Patchstack Required...

WordPress BuddyPress Groups Integration for WooCommerce Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software BuddyPress Groups Integration for WooCommerce Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 74e53a4d5f1c Credits Rafie...

WordPress MPG Plugin <= 2.8.12 is vulnerable to Cross Site Scripting (XSS)

Software MPG Type Plugin Vulnerable versions = 2.8.12 Fixed in 3.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 593885fb7e28 Credits Rafie Muhammad Patchstack Required privilege...

WordPress EmbedPress Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 92c19787339e Credits Rafie Muhammad Patchstack Required...

WordPress FormsCRM Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS)

Software FormsCRM Type Plugin Vulnerable versions = 3.5.1 Fixed in 3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bf6f153f12ef Credits Rafie Muhammad Patchstack Required privilege...

WordPress Divi Carousel Lite Plugin <= 1.2.11 is vulnerable to Cross Site Scripting (XSS)

Software Divi Carousel Lite Type Plugin Vulnerable versions = 1.2.11 Fixed in 1.2.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a2b273c2e39a Credits Rafie Muhammad Patchstack...

WordPress Salon booking system Plugin <= 8.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Salon booking system Type Plugin Vulnerable versions = 8.4.7 Fixed in 8.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 36c49c980842 Credits Rafie Muhammad Patchstack...

WordPress SV100 Companion Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV100 Companion Type Plugin Vulnerable versions = 1.9.00 Fixed in 2.0.00 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b89ce4a4735c Credits Rafie Muhammad Patchstack Required...

WordPress WP Tools Divi Blog Carousel Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Tools Divi Blog Carousel Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8fda70168d77 Credits Rafie Muhammad Patchstac...

WordPress Gallery Bank Plugin <= 4.0.18 is vulnerable to Cross Site Scripting (XSS)

Software Gallery Bank Type Plugin Vulnerable versions = 4.0.18 Fixed in 4.0.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b7b7ba517a68 Credits Rafie Muhammad Patchstack Required...

WordPress WP AutoTerms: Privacy Policy Generator (GDPR & CCPA), Terms & Conditions Generator, Cookie Notice Banner Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software WP AutoTerms: Privacy Policy Generator GDPR & CCPA, Terms & Conditions Generator, Cookie Notice Banner Type Plugin Vulnerable versions = 1.8.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1...

WordPress Bulk Landing Page Creator for WordPress LPagery Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Bulk Landing Page Creator for WordPress LPagery Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 60b86f842956 Credits Rafi...

WordPress Map Plugin alternative to Google Maps using MapQuest, with directions Plugin <= 2.16.1 is vulnerable to Cross Site Scripting (XSS)

Software Map Plugin alternative to Google Maps using MapQuest, with directions Type Plugin Vulnerable versions = 2.16.1 Fixed in 2.16.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...