WordPress WP Activity Log Plugin <= 4.4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Activity Log Type Plugin Vulnerable versions = 4.4.2.1 Fixed in 4.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Melapress PSID 309a4583a754 Credits Rafie Muhammad Patchstack Required...

WordPress Custom Welcome Guide Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Custom Welcome Guide Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0f8aead91a99 Credits Rafie Muhammad Patchstack...

WordPress Gutenberg Block Editor Toolkit Plugin <= 1.16 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Block Editor Toolkit Type Plugin Vulnerable versions = 1.16 Fixed in 1.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d49173f4b0fb Credits Rafie Muhammad Patchsta...

WordPress Easy Watermark Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Easy Watermark Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 674b7aa66623 Credits Rafie Muhammad Patchstack Required...

WordPress Event Tickets Plugin <= 5.5.11.1 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets Type Plugin Vulnerable versions = 5.5.11.1 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Liquid Web / StellarWP PSID b526dab2f64a Credits Rafie Muhammad Patchstack...

WordPress WordPress Easy Call Now Button by elixirs.io Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Easy Call Now Button by elixirs.io Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 566a7ec248a1 Credits Rafie...

WordPress DokoBuilder : DIY Product Bundle for WooCommerce Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software DokoBuilder : DIY Product Bundle for WooCommerce Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b2f125227ce Credits Rafie...

WordPress Google Maps Plugin by Intergeo Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Google Maps Plugin by Intergeo Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6c46fd667005 Credits Rafie Muhammad...

WordPress WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content Plugin <= 6.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content Type Plugin Vulnerable versions = 6.2.0 Fixed in 6.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer...

WordPress Asset CleanUp: Page Speed Booster Plugin <= 1.3.5.4 is vulnerable to Cross Site Scripting (XSS)

Software Asset CleanUp: Page Speed Booster Type Plugin Vulnerable versions = 1.3.5.4 Fixed in 1.3.5.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bc6a1c710d5a Credits Rafie Muhammad...

WordPress BuddyForms Form Elements for WooCommerce Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Form Elements for WooCommerce Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 935b2e87bd86 Credits Rafie...

WordPress WooCommerce Attribute Stock - Share Stock Between Products (Lite Version) Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Attribute Stock - Share Stock Between Products Lite Version Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...

WordPress BuddyForms Remote Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Remote Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 11788d764e29 Credits Rafie Muhammad Patchstack Required...

WordPress Display Data on your site! Create Dynamic Content Templates from any form of data. Works with ACF, Pods, BuddyPress/ BuddyBoss Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Display Data on your site! Create Dynamic Content Templates from any form of data. Works with ACF, Pods, BuddyPress/ BuddyBoss Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High...

WordPress CF7 ReCaptcha Mine Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software CF7 ReCaptcha Mine Type Plugin Vulnerable versions = 1.0.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 98006570d580 Credits Rafie Muhammad Patchstack Require...

WordPress Simple Tour Guide Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Simple Tour Guide Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 16c7f68a1d9d Credits Rafie Muhammad Patchstack Required...

WordPress WP Mail Log Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Mail Log Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0ce743ed2f3d Credits Rafie Muhammad Patchstack Required...

WordPress Stop WP Emails Going to Spam Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Stop WP Emails Going to Spam Type Plugin Vulnerable versions = 1.1.6 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID fd8327c521e3 Credits Rafie Muhammad Patchsta...

WordPress Stripe Express Plugin <= 1.12.0 is vulnerable to Cross Site Scripting (XSS)

Software Stripe Express Type Plugin Vulnerable versions = 1.12.0 Fixed in 1.12.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2d97e8c50280 Credits Rafie Muhammad Patchstack Required...

WordPress Subaccounts for WooCommerce Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Subaccounts for WooCommerce Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c9b80f294b4 Credits Rafie Muhammad Patchstac...