WordPress Performance Kit Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Performance Kit Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b28c91b23fa9 Credits Rafie Muhammad Patchstack Required...

WordPress Contact Form 7 Multi-Step Forms Plugin < 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 Multi-Step Forms Type Plugin Vulnerable versions 4.3.1 Fixed in 4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4442b3e885b0 Credits Rafie Muhammad...

WordPress Search Merchandising – Track & Manage WooCommerce Product Search Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Search Merchandising – Track & Manage WooCommerce Product Search Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Qyrr – simply and modern QR-Code creation Plugin < 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Qyrr – simply and modern QR-Code creation Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Patrick Posner PSID b4effa18b733 Credits Rafie Muhamma...

WordPress FooBox Image Lightbox Plugin < 2.7.27 is vulnerable to Cross Site Scripting (XSS)

Software FooBox Image Lightbox Type Plugin Vulnerable versions 2.7.27 Fixed in 2.7.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0aedda1b7b63 Credits Rafie Muhammad Patchstack...

WordPress Bootstrap Fitness Theme < 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Bootstrap Fitness Type Theme Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 151cad56de76 Credits Rafie Muhammad Patchstack Require...

WordPress Backup Bolt Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Backup Bolt Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6cdb95fd5dfc Credits Rafie Muhammad Patchstack Required...

WordPress Better Comments Plugin < 1.5.4 is vulnerable to Cross Site Scripting (XSS)

Software Better Comments Type Plugin Vulnerable versions 1.5.4 Fixed in 1.5.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 702ae6a34747 Credits Rafie Muhammad Patchstack Required...

WordPress Easy Prayer Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Easy Prayer Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b2c604642d4f Credits Rafie Muhammad Patchstack Required...

WordPress Elasta Theme < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Elasta Type Theme Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c84debbae4a Credits Rafie Muhammad Patchstack Required privilege...

WordPress SLP – Extended Data Manager Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extended Data Manager Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8d2e98c75731 Credits Rafie Muhammad...

WordPress netFORUM Single Sign On Plugin <= 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software netFORUM Single Sign On Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9ddecf76497f Credits Rafie Muhammad Patchstack...

WordPress Ultimate Carousel For Divi Plugin < 4.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Carousel For Divi Type Plugin Vulnerable versions 4.5.1 Fixed in 4.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 62b9f7045643 Credits Rafie Muhammad Patchsta...

WordPress SLP – Extenders Plugin <= 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software SLP – Extenders Type Plugin Vulnerable versions = 6.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f659d4022f0d Credits Rafie Muhammad Patchstack Required...

WordPress Magic Login API Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Magic Login API Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d2c95bc7776 Credits Rafie Muhammad Patchstack Required...

WordPress Word Count Analysis Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Word Count Analysis Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 056e051a5bca Credits Rafie Muhammad Patchstack...

WordPress Smart Variations Images & Swatches for WooCommerce Plugin < 5.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Smart Variations Images & Swatches for WooCommerce Type Plugin Vulnerable versions 5.2.8 Fixed in 5.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8c57c7b671c4 Credits...

WordPress Get Cash Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Software Get Cash Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2801248ebadb Credits Rafie Muhammad Patchstack Required privileg...

WordPress Ultimate Infinite Scroll Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Infinite Scroll Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e939817d24d9 Credits Rafie Muhammad...

WordPress Go Fetch Jobs (for JobEngine) Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Go Fetch Jobs for JobEngine Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 257718bba697 Credits Rafie Muhammad Patchstac...