WordPress Guest Author Affiliate Plugin < 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Guest Author Affiliate Type Plugin Vulnerable versions 1.1.6 Fixed in 1.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5c442c4c1bd8 Credits Rafie Muhammad Patchstack...

WordPress Feedpress Generator Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Feedpress Generator Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8b2db3433ca2 Credits Rafie Muhammad Patchstack...

WordPress WooCommerce Google Sheet Connector Plugin < 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Sheet Connector Type Plugin Vulnerable versions 1.3.5 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b09a38dc4e5c Credits Rafie Muhammad...

WordPress WooCommerce – Country Based Payments Plugin < 1.4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce – Country Based Payments Type Plugin Vulnerable versions 1.4.4.1 Fixed in 1.4.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9fac42c838fb Credits Rafie...

WordPress HM Multiple Roles Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)

Software HM Multiple Roles Type Plugin Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7297b541283e Credits Rafie Muhammad Patchstack Required...

WordPress Advanced Exchange Rates for WooCommerce Multilingual Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Exchange Rates for WooCommerce Multilingual Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ac20ba53363a Credi...

WordPress Music Player for Elementor – Audio Player & Podcast Player Plugin < 1.5.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Music Player for Elementor – Audio Player & Podcast Player Type Plugin Vulnerable versions 1.5.9.9 Fixed in 1.5.9.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Customer Order History for WooCommerce Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS)

Software Customer Order History for WooCommerce Type Plugin Vulnerable versions = 2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e9541c2f16e Credits Rafie Muhamma...

WordPress Go Viral – social share, social sharebar, social locker, social chat, open graph, reactions, share & view counters Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Go Viral – social share, social sharebar, social locker, social chat, open graph, reactions, share & view counters Type Plugin Vulnerable versions = 1.8.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severit...

WordPress Recurring Bookings for WooCommerce Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Recurring Bookings for WooCommerce Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4caefbb03430 Credits Rafie Muhammad...

WordPress Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more Plugin <= 4.5.20 is vulnerable to Cross Site Scripting (XSS)

Software Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more Type Plugin Vulnerable versions = 4.5.20 Fixed in 4.5.21 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...

WordPress Wadi Addons for Elementor Plugin <= 1.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Wadi Addons for Elementor Type Plugin Vulnerable versions = 1.0.10 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d2250f332a15 Credits Rafie Muhammad Patchsta...

WordPress Scheduled Notification Bar Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Scheduled Notification Bar Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 18a062a468b5 Credits Rafie Muhammad Patchsta...

WordPress StickyWooCart – Ajax Add to Cart for WooCommerce Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software StickyWooCart – Ajax Add to Cart for WooCommerce Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1a03a2b802b Credits...

WordPress Sync eCommerce NEO Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software Sync eCommerce NEO Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9dbd1f3d1861 Credits Rafie Muhammad Patchstack Require...

WordPress Easy Settings for LearnDash Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Settings for LearnDash Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0b1740b059c Credits Rafie Muhammad...

WordPress WP Travel Engine Plugin < 5.7.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Travel Engine Type Plugin Vulnerable versions 5.7.5 Fixed in 5.7.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 801294ac323a Credits Rafie Muhammad Patchstack Require...

WordPress Ant Admin Notices for Team Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Ant Admin Notices for Team Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2410afb1f6ab Credits Rafie Muhammad Patchsta...

WordPress WordLive Livecall Addon for Woocommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordLive Livecall Addon for Woocommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 59aa5946d146 Credits Rafie...

WordPress WP Disable Sitemap Plugin <= 1.1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Disable Sitemap Type Plugin Vulnerable versions = 1.1.6.4 Fixed in 1.1.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ee9a57bb1bb5 Credits Rafie Muhammad Patchstack...