WordPress Search Field for Gravity Forms Plugin <= 0.5 is vulnerable to Cross Site Scripting (XSS)

Software Search Field for Gravity Forms Type Plugin Vulnerable versions = 0.5 Fixed in 0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 043a13d5d567 Credits Rafie Muhammad Patchstack...

WordPress Terms & Conditions Per Product Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Terms & Conditions Per Product Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9198dad42c20 Credits Rafie Muhammad...

WordPress DEV.LAND Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)

Software DEV.LAND Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ec2699cc297c Credits Rafie Muhammad Patchstack Required privileg...

WordPress Go Fetch Jobs (for WP Job Manager) Plugin <= 1.8.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Go Fetch Jobs for WP Job Manager Type Plugin Vulnerable versions = 1.8.2.2 Fixed in 1.8.4.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4f78961ea025 Credits Rafie Muhammad...

WordPress WooBuddy Plugin <= 3.4.15 is vulnerable to Cross Site Scripting (XSS)

Software WooBuddy Type Plugin Vulnerable versions = 3.4.15 Fixed in 3.4.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2e4b04e137df Credits Rafie Muhammad Patchstack Required...

WordPress TI WooCommerce Wishlist Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Software TI WooCommerce Wishlist Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 25a4fb6be4e0 Credits Rafie Muhammad Patchstack...

WordPress Hide Admin Bar Based on User Roles Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Hide Admin Bar Based on User Roles Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 3d22aaa97c1e Credits Rafie Muhammad...

WordPress Popup Maker Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Popup Maker Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.10.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b1490f38ddc0 Credits Rafie Muhammad Patchstack Required...

WordPress Advanced Custom Fields Frontend Forms Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Custom Fields Frontend Forms Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID e7bf47e904be Credits Rafie Muhammad...

WordPress CF7 Constant Contact Fields Mapping Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software CF7 Constant Contact Fields Mapping Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 513aaa765db6 Credits Rafie Muhammad...

WordPress SV Posts Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV Posts Type Plugin Vulnerable versions = 1.9.00 Fixed in 2.0.00 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f4cc0b514da7 Credits Rafie Muhammad Patchstack Required...

WordPress Remove Duplicate Posts Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Remove Duplicate Posts Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 06b3bc1848f2 Credits Rafie Muhammad Patchstack...

WordPress DeMomentSomTres WordPress Export Posts With Images Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres WordPress Export Posts With Images Type Plugin Vulnerable versions = 2.5 Fixed in 20200610 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 568a0722ed5e Credits...

WordPress BuddyForms Posts 2 Posts Plugin <= 1.0.10 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Posts 2 Posts Type Plugin Vulnerable versions = 1.0.10 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6d47ac352bde Credits Rafie Muhammad Patchstack...

WordPress BuddyForms Hierarchical Posts Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Hierarchical Posts Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0e41c8fe2c4e Credits Rafie Muhammad...

WordPress Video Analytics for Cloudflare Stream Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Video Analytics for Cloudflare Stream Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ca3447e66eaa Credits Rafie Muhammad...

WordPress DeMomentSomTres Immediate Send Plugin <= 3.201704251244 is vulnerable to Cross Site Scripting (XSS)

Software DeMomentSomTres Immediate Send Type Plugin Vulnerable versions = 3.201704251244 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 395b22880d0c Credits Rafie Muhammad...

WordPress Menu Item Scheduler Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Menu Item Scheduler Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 85b80b505402 Credits Rafie Muhammad Patchstack Required...

WordPress Page Builder for Gutenberg – StarterBlocks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder for Gutenberg – StarterBlocks Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 97ebfdae62a5 Credits Rafie...

WordPress WN Flipbox Pro Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software WN Flipbox Pro Type Plugin Vulnerable versions = 1.15 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ef85e7e1358f Credits Rafie Muhammad Patchstack Required...