WordPress Embed Video Thumbnail Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Embed Video Thumbnail Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8566e0ea18cd Credits Rafie Muhammad Patchstack...

WordPress WordPress Form Builder Plugin – Gutenberg Forms Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Form Builder Plugin – Gutenberg Forms Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 994f2f3ecc26 Credits Rafi...

WordPress SV Tracking Manager Plugin <= 1.9.00 is vulnerable to Cross Site Scripting (XSS)

Software SV Tracking Manager Type Plugin Vulnerable versions = 1.9.00 Fixed in 2.0.00 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9607e9d7b8e8 Credits Rafie Muhammad Patchstack...

WordPress 360 Javascript Viewer Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software 360 Javascript Viewer Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 954a4a07facd Credits Rafie Muhammad Patchstack...

WordPress MasterStudy LMS Plugin <= 2.7.9 is vulnerable to Cross Site Scripting (XSS)

Software MasterStudy LMS Type Plugin Vulnerable versions = 2.7.9 Fixed in 2.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 876c95417bf3 Credits Rafie Muhammad Patchstack Required...

WordPress BuddyForms Attach Post with Group Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Attach Post with Group Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9d4312fdd8bd Credits Rafie Muhammad...

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.3.35 is vulnerable to Cross Site Scripting (XSS)

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.3.35 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c00776efd55 Credits Rafie Muhammad...

WordPress Notification Plugin <= 6.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Notification Type Plugin Vulnerable versions = 6.0.4 Fixed in 6.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 58552eb21f66 Credits Rafie Muhammad Patchstack Required...

WordPress WP to Twitter Plugin <= 3.2.19 is vulnerable to Cross Site Scripting (XSS)

Software WP to Twitter Type Plugin Vulnerable versions = 3.2.19 Fixed in 3.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2c99a8d109d0 Credits Rafie Muhammad Patchstack Required...

WordPress Checkbox Plugin <= 0.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Checkbox Type Plugin Vulnerable versions = 0.8.3 Fixed in 0.8.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 36822a9c98e8 Credits Rafie Muhammad Patchstack Required privileg...

WordPress EthereumICO Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software EthereumICO Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 90b8bd0e67cf Credits Rafie Muhammad Patchstack Required...

WordPress Embed Docs - Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Embed Docs - Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CV...

WordPress Accessibility Checker by Equalize Digital Plugin < 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Accessibility Checker by Equalize Digital Type Plugin Vulnerable versions 1.4.2 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Equalize Digital PSID d2ab23b259fd Credits Rafie...

WordPress BuddyForms EasyPin Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms EasyPin Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID adb78d8da60d Credits Rafie Muhammad Patchstack...

WordPress WordPress Dev Powers – ACF Color Coded Field Types Plugin Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Dev Powers – ACF Color Coded Field Types Plugin Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f5b5cda205c...

WordPress Interactive Geo Maps Plugin < 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Interactive Geo Maps Type Plugin Vulnerable versions 1.6.1 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9b4f22117bce Credits Rafie Muhammad Patchstack...

WordPress Ninja Popups Plugin <= 4.7.7 is vulnerable to Open Redirection

Software Ninja Popups Type Plugin Vulnerable versions = 4.7.7 Fixed in 4.7.8 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2022-27861 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 5f5341c2db31 Credits Dave Jong Patchstack Required privilege...

WordPress Email Header Footer Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Email Header Footer Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7fedc08d003f Credits Rafie Muhammad Patchstack...

WordPress Consultpress Lite Theme <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Consultpress Lite Type Theme Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6b3b172b464f Credits Rafie Muhammad Patchstack Require...

WordPress Remove Add to Cart Button for WooCommerce Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Remove Add to Cart Button for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e8228bf4c98a Credits Rafie...